capitolcanary.com Open in urlscan Pro
141.193.213.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGIPzyQMXARI4euQrdgqtBvyLTLdbgzPmTAyVp8VfcF6x9m6GUYBu257VpyZ8vB2g4o70EbiGY=
Effective URL:
https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73...
Submission: On November 22 via api (November 22nd 2022, 5:05:50 pm UTC) from US — Scanned from DE

Summary HTTP 204 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 32 domains to perform 204 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is capitolcanary.com. The Cisco Umbrella rank of the primary domain is 282668.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 25th 2022. Valid for: a year.

This is the only time capitolcanary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.184.251.130 52.184.251.130	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
38	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
6	104.16.95.80 104.16.95.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
64	143.204.215.12 143.204.215.12	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.205.237.4 23.205.237.4	16625 (AKAMAI-AS) (AKAMAI-AS)
4	3.216.203.91 3.216.203.91	14618 (AMAZON-AES) (AMAZON-AES)
2	216.24.57.3 216.24.57.3	397273 (RENDER) (RENDER)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2 8	2600:9000:225... 2600:9000:225e:6400:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1e49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:2eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:209... 2600:9000:2093:2400:5:b2d2:2280:93a1	16509 (AMAZON-02) (AMAZON-02)
17	2400:52e0:1e0... 2400:52e0:1e01::879:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:3600:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:4055:d9ad:e415:742b	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 3	107.21.10.200 107.21.10.200	14618 (AMAZON-AES) (AMAZON-AES)
1	3.248.87.83 3.248.87.83	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	108.158.46.113 108.158.46.113	16509 (AMAZON-02) (AMAZON-02)
2	18.66.122.59 18.66.122.59	16509 (AMAZON-02) (AMAZON-02)
1	44.195.195.43 44.195.195.43	14618 (AMAZON-AES) (AMAZON-AES)
1	54.76.219.51 54.76.219.51	16509 (AMAZON-02) (AMAZON-02)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
6	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
204	41

1 52.184.251.130 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

about2.capitolcanary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

capitolcanary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.95.80 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

app-sj20.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 143.204.215.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-12.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.237.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-237-4.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.216.203.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-203-91.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.24.57.3 (Sweden)

ASN397273 (RENDER, US)

grow.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

486-vki-494.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:225e:6400:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1e49 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:2eb (United States)

ASN13335 (CLOUDFLARENET, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2093:2400:5:b2d2:2280:93a1 (United States)

ASN16509 (AMAZON-02, US)

pathmonk-lib.pathmonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2400:52e0:1e01::879:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:3600:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:4055:d9ad:e415:742b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.21.10.200 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-10-200.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.87.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-87-83.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.46.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-46-113.bom78.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-59.fra60.r.cloudfront.net

wec-assets.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.195.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-195-43.compute-1.amazonaws.com

hemsync.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.219.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-219-51.eu-west-1.compute.amazonaws.com

apisdk.pathmonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 4896	869 KB
39	capitolcanary.com about2.capitolcanary.com capitolcanary.com — Cisco Umbrella Rank: 282668	433 KB
18	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 4627 api.omappapi.com — Cisco Umbrella Rank: 4846	82 KB
9	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2348 d.adroll.com — Cisco Umbrella Rank: 1431	81 KB
6	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 5813 metrics.api.drift.com — Cisco Umbrella Rank: 5441	441 B
6	marketo.com app-sj20.marketo.com — Cisco Umbrella Rank: 244372	144 KB
5	pathmonk.com pathmonk-lib.pathmonk.com — Cisco Umbrella Rank: 343649 apisdk.pathmonk.com — Cisco Umbrella Rank: 371190	29 KB
5	clickagy.com 2 redirects tags.clickagy.com — Cisco Umbrella Rank: 6532 aorta.clickagy.com — Cisco Umbrella Rank: 1522 hemsync.clickagy.com — Cisco Umbrella Rank: 6019	15 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4753 www.google.com — Cisco Umbrella Rank: 2	993 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 355 www.linkedin.com — Cisco Umbrella Rank: 576 px4.ads.linkedin.com — Cisco Umbrella Rank: 6256	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5922	691 B
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	2 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2846	7 KB
4	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1393 match.adsrvr.org — Cisco Umbrella Rank: 341 insight.adsrvr.org — Cisco Umbrella Rank: 573	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	296 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	132 KB
2	terminus.services wec-assets.terminus.services — Cisco Umbrella Rank: 16864	12 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	203 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1409	376 B
2	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1662	3 KB
2	gstatic.com fonts.gstatic.com	70 KB
2	clearbitjs.com grow.clearbitjs.com — Cisco Umbrella Rank: 20862	1 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3076	7 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 540	98 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 714	266 B
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 9015	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 716	5 KB
1	mktoresp.com 486-vki-494.mktoresp.com	318 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4880	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 976	46 KB
204	32

	Domain	Requested by
64	js.driftt.com	capitolcanary.com js.driftt.com
38	capitolcanary.com	about2.capitolcanary.com capitolcanary.com
17	a.omappapi.com	capitolcanary.com a.omappapi.com
8	s.adroll.com	2 redirects www.googletagmanager.com capitolcanary.com s.adroll.com
6	app-sj20.marketo.com	capitolcanary.com app-sj20.marketo.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com capitolcanary.com
4	metrics.api.drift.com	js.driftt.com
4	pathmonk-lib.pathmonk.com	capitolcanary.com pathmonk-lib.pathmonk.com
4	www.google.de	capitolcanary.com
4	tags.srv.stackadapt.com	capitolcanary.com tags.srv.stackadapt.com
4	www.googletagmanager.com	capitolcanary.com www.googleoptimize.com www.googletagmanager.com
3	aorta.clickagy.com	2 redirects tags.clickagy.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	region1.analytics.google.com	www.googletagmanager.com
2	insight.adsrvr.org	js.adsrvr.org
2	bootstrap.api.drift.com	js.driftt.com
2	wec-assets.terminus.services	www.googletagmanager.com capitolcanary.com
2	www.facebook.com	capitolcanary.com
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	www.google.com	capitolcanary.com
2	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
2	fonts.gstatic.com	fonts.googleapis.com
2	grow.clearbitjs.com	capitolcanary.com
2	munchkin.marketo.net	capitolcanary.com munchkin.marketo.net
1	match.adsrvr.org	capitolcanary.com
1	apisdk.pathmonk.com	pathmonk-lib.pathmonk.com
1	hemsync.clickagy.com	tags.clickagy.com
1	api.omappapi.com	a.omappapi.com
1	id.rlcdn.com	capitolcanary.com
1	sync.crwdcntrl.net	capitolcanary.com
1	d.adroll.com	s.adroll.com
1	px4.ads.linkedin.com	capitolcanary.com
1	www.linkedin.com	1 redirects
1	tags.clickagy.com	ws.zoominfo.com
1	tracking.g2crowd.com	about2.capitolcanary.com
1	snap.licdn.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	486-vki-494.mktoresp.com	munchkin.marketo.net
1	ws.zoominfo.com	capitolcanary.com
1	fonts.googleapis.com	capitolcanary.com
1	js.adsrvr.org	capitolcanary.com
1	www.googleoptimize.com	capitolcanary.com
1	about2.capitolcanary.com
204	45

This site contains links to these domains. Also see Links.

Domain
app.govpredict.com
www.linkedin.com
www.twitter.com

Subject Issuer	Validity	Valid
capitolcanary.com Cloudflare Inc ECC CA-3	`2022-03-25` - `2023-03-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
app-sj20.marketo.com Cloudflare Inc ECC CA-3	`2022-05-02` - `2023-05-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
drift.com Amazon	`2022-08-24` - `2023-09-21`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2022-10-09` - `2023-11-07`	a year	crt.sh
grow.clearbitjs.com R3	`2022-11-13` - `2023-02-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-01` - `2022-11-30`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-08`	a year	crt.sh
pathmonk-lib.pathmonk.com Amazon	`2022-09-29` - `2023-10-27`	a year	crt.sh
a.omappapi.com R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.clickagy.com Amazon	`2021-12-15` - `2023-01-12`	a year	crt.sh
api.opmnstr.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.terminus.services Amazon	`2022-10-16` - `2023-11-14`	a year	crt.sh
*.pathmonk.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-20` - `2023-01-20`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Frame ID: 8640D5625C47D78D0AAF14C9BC3AE6BA
Requests: 129 HTTP requests in this frame

Frame: https://app-sj20.marketo.com/index.php/form/XDFrame
Frame ID: 3644E0329BF605EB98921D4CC75FC60C
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Frame ID: 167B627924603D51D381C9CAC19F4F0A
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
Frame ID: FE64FBAA64653A19CFC81A9D93F24921
Requests: 33 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2EA5AB0F69E271BE89047DD52AABDDF6
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=owmpeom&ref=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&upid=21br8ux&upv=1.1.0&gdpr=1&gdpr_consent=null
Frame ID: 58342E60727034EA614BF6AAB24F777E
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=owmpeom&ref=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&upid=21br8ux&upv=1.1.0&gdpr=1&gdpr_consent=null&ret=916
Frame ID: 7D756DDE6285A152EAFEAF9E03FA1376
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FP Win with Capitol Canary - Capitol Canary

Page URL History Show full URLs

http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGIPzyQMXARI4euQrdgqtBvyLTLdbgzPmTAyVp8VfcF6x9m6GUYBu257Vpy... Page URL
https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvS... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Marketo Forms (Widgets) Expand

Overall confidence: 100%
Detected patterns

marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

204
Requests

97 %
HTTPS

55 %
IPv6

32
Domains

45
Subdomains

41
IPs

7
Countries

2267 kB
Transfer

6705 kB
Size

32
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://app.govpredict.com/portal/moneyball/donor_lookup?iframe=1
Title: Donor Look Up Tool

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/capitolcanary
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.twitter.com/capitolcanary
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGIPzyQMXARI4euQrdgqtBvyLTLdbgzPmTAyVp8VfcF6x9m6GUYBu257VpyZ8vB2g4o70EbiGY= Page URL
https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://s.adroll.com/j/exp/HVQJW343KJAW7GWROKSEFP/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 76

https://s.adroll.com/j/pre/HVQJW343KJAW7GWROKSEFP/YGAVJIE2WNDOJEE5TBNPGO/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 84

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1669136736388&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D45840%26time%3D1669136736388%26url%3Dhttps%253A%252F%252Fcapitolcanary.com%252Ffake-page%253Fmkt_tok%253DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1669136736388&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1669136736388&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&liSync=true&e_ipv6=AQJq9XNQKxpvuwAAAYSgTWNGPt-rHjKDg3HLzUfa7kYGphRHMQjwiLjy8ZynXj62ccGAECC9

Request Chain 94

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag HTTP 302
https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:de54a8a53313ed66007ec528b6b71169/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D

Request Chain 95

https://aorta.clickagy.com/liveramp_redir HTTP 302
https://id.rlcdn.com/711861.gif

204 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 302
Found NDg2LVZLSS00OTQAAAGIPzyQMXARI4euQrdgqtBvyLTLdbgzPmTAyVp8VfcF6x9m6GUYBu257VpyZ8vB2g4o70EbiGY=
about2.capitolcanary.com/ 523 B
992 B 264ms
133ms Document
text/html 52.184.251.130
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGIPzyQMXARI4euQrdgqtBvyLTLdbgzPmTAyVp8VfcF6x9m6GUYBu257VpyZ8vB2g4o70EbiGY=

Protocol

HTTP/1.1

Server

52.184.251.130 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

adobe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-Bprp4vxw4A4CAtjkdzZM5SVQalnWbMIQKT3a/fwehsA=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
content-length: 523
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-Bprp4vxw4A4CAtjkdzZM5SVQalnWbMIQKT3a/fwehsA=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Tue, 22 Nov 2022 17:05:32 GMT
referrer-policy: strict-origin
server: adobe
x-frame-options: SAMEORIGIN
x-request-id: df0fa6f7b8c73c12

GET
H2 200 Primary Request fake-page Show response
capitolcanary.com/ 94 KB
21 KB 1736ms
1632ms Document
text/html 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g

Requested by

Host: about2.capitolcanary.com
URL: http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGIPzyQMXARI4euQrdgqtBvyLTLdbgzPmTAyVp8VfcF6x9m6GUYBu257VpyZ8vB2g4o70EbiGY=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

00dc3e3e836bb5f63188a35f1612f81c787085926dfc064ef479ef19adb5cf92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: http://about2.capitolcanary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76e340269d655b86-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 22 Nov 2022 17:05:34 GMT
link: <https://capitolcanary.com/wp-json/>; rel="https://api.w.org/" <https://capitolcanary.com/wp-json/wp/v2/pages/18905>; rel="alternate"; type="application/json" <https://capitolcanary.com/?p=18905>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMeNfXU85jlbGfWBGd0tXtFa%2Bd6D3VA7d8CzdUjx6s%2BpcFo50j6C8henZRK12J43kIiM4GDV%2Bx%2Bwtni6RRCOicbp7h6BD8uSS13FAO9UMPvJwZe%2F7Gx%2BJue6gJ2G%2FmgM%2F1EB"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: MISS
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: WP Engine
x-xss-protection: 1; mode=block

GET
H2 200 fa-solid-900.woff2
capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 76 KB
77 KB 64ms
59ms Font
font/woff2 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84688
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
last-modified: Fri, 21 Oct 2022 14:21:27 GMT
server: cloudflare
etag: "6352aae7-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I85yO8%2BEYbyi6Iace5CNxRzQiaadTaYTe2fktYko240OrA7t5UO%2B8Xw8Me6qdDXmCMRBMkJC7CW0OQHVlo79KLVl1TGT74nsRTG1PD3I44zHFR05p4fkp17EiGYXSiuTwtuS"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76e340311cf65b86-FRA

GET
H2 200 fa-brands-400.woff2
capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 75 KB
75 KB 107ms
102ms Font
font/woff2 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84688
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736
last-modified: Fri, 21 Oct 2022 14:21:27 GMT
server: cloudflare
etag: "6352aae7-12bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCkgJX%2FsQOs%2FtpEhbDh7sES26%2Bf3CjRJ0AKE6qn94sp3rFj5iqVFo%2B%2FWNoyBbZ1hYnqdi3cyS6EaBsPM3ZU9m0UU97fvSQ41wLcVmb8whPOsfLj%2Bo0lEEtAMNqmufYz5JnVQ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76e340314d5e5b86-FRA

GET
H2 200 classic-themes.min.css
capitolcanary.com/wp-includes/css/ 217 B
485 B 695ms
690ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/css/classic-themes.min.css?ver=1.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 13:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63723cec-d9"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MO%2Bt3bPUY4Cy5Gn4DgQSygGReMDqZim8B4QxGryPsIOudb0yuHHOIpunAHC3VFG2KZEG4WOKOZ455%2BjCHyNqBEHAr6GrYZ4P5ESPmkP4X9%2FQ6MRuRNN3sAn9zRW7GTA8n2Wr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340311cf75b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 18905-layout.css
capitolcanary.com/wp-content/uploads/bb-plugin/cache/ 44 KB
7 KB 634ms
630ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-plugin/cache/18905-layout.css?ver=9979697b107f9f30bd28c4999cf8f7b0.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcab47f7ecc09894e162123c7a1ab34493022f3cf0d93006dbb2200d9e83d8ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Oct 2022 14:37:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6352aeb2-b10b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZf8sxD%2BISK0MgnGFS9DBfbxQGKfPIvZVmiu4JhS5Y3A1i2nfKkbrIh4v6I6kYhFAFuqVIHyYYk1oFJjW%2BXPb%2FV8tN%2BCpG5Qi6nv9EaBdf%2B7H1l%2FMjRaN6H2eaYkHo%2Bq9gj4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340311cfa5b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles.css
capitolcanary.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 758ms
754ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Oct 2022 14:21:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6352aae8-aab"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwYFj12uA2l5npz4oB0F6lV0tCoJmspCgiTOkSSfIixX522SlOmALk2tQ%2BC%2FthD5XazeAxVYYdz4w31RJt8xm9tNM%2B3A8XSDQA91Y4fkCntv1Ea3%2BaYyZ6s80IVjTsOYngL8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340311cfc5b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wpa-style.css
capitolcanary.com/wp-content/plugins/wp-accessibility/css/ 5 KB
2 KB 903ms
900ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-accessibility/css/wpa-style.css?ver=1.7.10.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13031d4ec04980984b56e9152739c608e15fcda23007e524117198f054385eb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 13:05:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63723d0d-1461"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i08yG9hrIrPqJRlphRYmt5vY2paXre9If%2F9QzXAGbGg%2BwKpFJ%2ByG%2B5q4MmZySJ3K4JLfK5hwJ8dgc%2FNrelAEfB6R00n8pQ3YD4DRbN9KPqldzFR349NRc%2BMymBNgRUMsrrs3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340311cfd5b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 all.min.css
capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/ 58 KB
13 KB 645ms
642ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.6.0.3.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Oct 2022 14:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6352aae7-e7a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rtl%2BTgFuiclQ17vFhpe3AWjnd7mSzhKZO57g9lbStDQFsX2YX8miz8GpqW1iwnKiw1d7lbTFGC7FARedb1YHYOLdBpkn5AIdm%2Fn26Cqoky0LNjcxLikCmhQJbSDyOIS%2FaaIP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340311d015b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 001c70dee6b0a93cb7b18cb061cdef65-layout-bundle.css
capitolcanary.com/wp-content/uploads/bb-plugin/cache/ 193 KB
15 KB 652ms
649ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-plugin/cache/001c70dee6b0a93cb7b18cb061cdef65-layout-bundle.css?ver=2.6.0.3-1.4.4.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c1bc6cec5b212cf9832c2b1c54ab014e6cb9b0fff393c8cd698febe472012f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Oct 2022 14:30:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6352ad00-3035c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rwt1uO1GP7yHJwIabBbbhsQdR5xzQY9TkWMOr02xLpOMId5Qz%2Fk7GE71AcuIYyBQAc8Fx%2FmM1YQols1Otc206777%2BW9dY6jRqi745WeEEb16%2BgPsx8SseuI3g4vXSlkgef%2Bw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340311d035b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 themify-icons.min.css
capitolcanary.com/wp-content/plugins/dflip/assets/css/ 14 KB
3 KB 682ms
680ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/dflip/assets/css/themify-icons.min.css?ver=1.7.32.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 419d6e9bdaf94d2758192e1312e13ffc6b885f2c37a36734f1dd414abee83a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Jul 2022 19:10:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62c33b38-3605"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orVrBAVawbpHco7144lko%2BUz69%2BaycijeaX880Pi9CIzs2OmacIWzaBTRUOiDCNL%2F0XYTxOMs%2BX9O4d0VcN2I8MzzBbQJNsJUWWQNu7KLIAFZ1Iaag49jE9KyI5dXlLPDN7%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340311d065b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dflip.min.css
capitolcanary.com/wp-content/plugins/dflip/assets/css/ 26 KB
6 KB 741ms
739ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/dflip/assets/css/dflip.min.css?ver=1.7.32.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e051e0747e00cbf46985db2f3d8017641dd2e9bb729dfbddd01b99ab0d3983f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Jul 2022 19:10:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62c33b38-6932"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OERQsq2yoUn5fOpKcwKtxoutsXFBMsDjj6JD51pW6PADeqydaFFMYdL%2FPo%2F2OJ9wcRFH0msvI%2BPyAozU9N7vYhu0zhiNlJprYeirtQtCoyJTLRVuRnPhYUO77Pl9si%2BqazLF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340311d0c5b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 default.min.css
capitolcanary.com/wp-content/plugins/tablepress/css/ 5 KB
2 KB 697ms
694ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.14.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 24 Mar 2022 17:56:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"623cb0c4-13e4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgkKV5NDEkeNwMen7ALMs7z%2BEX7lNYXqdmP3n8jA%2B5kXTPw7b1ojX1jxWjKHsWiAqezq0Z03HzdOmnZeHoGydrNxjl%2ByJUe9ZlSeFErBptRiVBkkk6ZO0jluP9%2FA3vGeuk5R"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340311d0e5b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bsfrt-frontend-css.min.css
capitolcanary.com/wp-content/plugins/read-meter/assets/min-css/ 565 B
515 B 720ms
718ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/read-meter/assets/min-css/bsfrt-frontend-css.min.css?ver=1.0.6.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa5201729bac890535667e48073ab88a75040b0858a54292ec020832e4aee24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 31 Jan 2022 12:12:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61f7d231-235"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdqXtSxa8yqRDdNrcL1KhOth4MeayNInaqLlTbe3Yglvt9UDPRt6JGzqs5umXP0z7W%2BYObqVwENEgw2qVc42yW7MiiTnooVBDVkFmgy65WoUOLI40KSdqtAYylyP2zTw4dSl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340314d585b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.magnificpopup.min.css
capitolcanary.com/wp-content/plugins/bb-plugin/css/ 6 KB
2 KB 693ms
691ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.6.0.3.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Oct 2022 14:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6352aae7-169c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGp%2BYyi6fulnIUTr6oKpGEUtNTAjGh7gl%2B0IRsX4MasRSLHSRfRTxqrdVLlGjoYFimq7V2sflpvlMjEuPjPAuvc1Qn%2BMezkAXYTiYqqct1cGAL0Vg8nzq3ZgiadsCvHcRHVU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340314d5a5b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap-4.min.css
capitolcanary.com/wp-content/themes/bb-theme/css/ 158 KB
25 KB 727ms
725ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=1.7.12.1.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af5133459a08aaab60f1340c731b242ee78b77d9143f76c47101c04dc900d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 31 Oct 2022 21:05:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636038a3-278b4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zoov%2BA1K5FH%2FthkC8hGDZr60dQV9zoUHPOQlriT11T8ZNrP1rzcoPlAZF3%2B2AB%2B%2BhrxcGiJt5WYHFxZqe6HNkAJ76AMOxQf71zID72oJqUSI%2Fq%2F4o7Qw2SPoaQ%2Fe1LyIXNL6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340314d5b5b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 skin-636038a79394c.css
capitolcanary.com/wp-content/uploads/bb-theme/ 74 KB
10 KB 708ms
706ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-theme/skin-636038a79394c.css?ver=1.7.12.1.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83e5546eeacb459a6444dfd0cbb5ca8cdb7b3f999954d2c554013f3a7f9694b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 31 Oct 2022 21:05:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636038a7-126bf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P08vd8bpDXnLrVc2nBDcxvJFfH5I9qBzDAD4%2FwcDvmC72tbFeMVKud5unmWGjCMYFGdUkzCkAwO48fXQaK6RI3H45FIvvTBEPAxq%2FWNiRTbIgNXLM3knDIT7UCQiWvohSzuC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340314d5c5b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
capitolcanary.com/wp-content/themes/capitol-canary/ 91 KB
13 KB 691ms
690ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/capitol-canary/style.css?ver=6.1.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f4794aed81240b36ae426759588a1d6a7762b0dc9deed3a00046086d986f2dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 29 Sep 2022 22:08:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6336174d-16c09"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjK830NEmoK3RoRr2UYlVxRNtPUEZLV27QuKz8TaNWZonPjQHH0517ogb%2BUJOJFfUh3IE1WbRMShZVjqpRxpAVGSfYr4JE1%2B43i1%2Bj04FEjS2up29eMKSEmwqrmnd0BJ%2FSv7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340314d5d5b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.6.0.min.js Show response
capitolcanary.com/wp-content/themes/capitol-canary/js/ 87 KB
32 KB 738ms
736ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/capitol-canary/js/jquery-3.6.0.min.js?ver=1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 11 Mar 2022 15:19:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"622b6877-15d9d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPN3emeOWoOS1tOqYeXdNNtY3mXRsLkRrndLzdq03FVZiH%2B%2BUMDrCNvYWYJp2%2Bv4WabEM1tzKY%2Fs5N17JB%2B95TQMERIhcNqy8WSWfTiI7%2FaAzqW6jCgP5S1KtJEh%2Fpp1m9c9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340314d5f5b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 imagesloaded.min.js Show response
capitolcanary.com/wp-includes/js/ 5 KB
2 KB 690ms
689ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/js/imagesloaded.min.js?ver=6.1.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 31 Jan 2022 12:12:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61f7d229-15fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjtmGaz3ps8iThwxwvnYXy74YvIhdlcAWu4gz0aK1%2BxzXjnlV0vlmJ5cfPVgwApsrlbixEb6pjSGI4lCGn0S1UQy1EJ1r6Za%2BlYTjB8dGbjFXAuDvIZCkwnFPG%2Ff8QrzdF5%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e340314d605b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
65 KB 238ms
149ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MR1REW8MSK&ver=1669136734

Requested by

Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67945bb1a1d03c7896b446da7780f9d85108094515e39c21ebb22c5c808117c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 65994
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Nov 2022 17:05:35 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 122 KB
46 KB 137ms
53ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-MDVLCWQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2203c94fd25a08e138d90bbb6eb603afdd9559f76fda2c2942441e624a772d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47132
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Nov 2022 17:05:34 GMT

GET
H3 200 capitol-canary-from-quorum_black.svg
capitolcanary.com/wp-content/uploads/2022/09/ 19 KB
6 KB 83ms
80ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capitolcanary.com/wp-content/uploads/2022/09/capitol-canary-from-quorum_black.svg
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1df8b4fb8cc235e84595dbb9376181d2b8fce1ed6f7ce1430fa99f203da638a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Sep 2022 13:27:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 28607
etag: W/"632b115a-4aef"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHDRek3QH9eCFxiOg0StKFx2ev3ZFVj69W1NmslD%2BGKbTytl85VfKgRBFFipJFDRDrdBE8KggM1emuAmsHjy8mOjmXW1XX3tQ4%2BDIM1ziJfxsNlnznkMFV14ujDXop3YKSw8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e9999be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 forms2.min.js Show response
app-sj20.marketo.com/js/forms2/js/ 208 KB
69 KB 403ms
81ms Script
application/x-javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 18:03:49 GMT
server: cloudflare
age: 1012
etag: "ee037b-33e51-5ea394834ab40"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 76e340385afcbbfd-FRA
expires: Tue, 22 Nov 2022 21:05:36 GMT

GET
H3 200 footer_capitol_canary_icon.svg
capitolcanary.com/wp-content/uploads/2021/12/ 422 B
807 B 70ms
67ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capitolcanary.com/wp-content/uploads/2021/12/footer_capitol_canary_icon.svg
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b8acc0c1a541b4572172f8c39ff60f586962fa6bb9f1edd840d1d77da1d3818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 Jan 2022 12:12:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 28607
etag: W/"61f7d22b-1a6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV%2FSB6936b%2F9IgePTiLICm7xJ%2F3pqJcwUj7RzsBYk7BhWCNw68CoPOh8p6R6PrnnMQyIanvM67cCBlrSeYxJ%2FxHw1ICQ8qic%2F0GZga51kbWQKYp67LiHimaKBVKzKOSJvA7R"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e99b9be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 128ms
36ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-65-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 01:07:28 GMT
Content-Encoding: gzip
Via: 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
Age: 57488
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: c4TDGtS0FmZm760Z9atdZDR6-2na25hfolS-d0Cz3e1XS88BNjY7jQ==

GET
H3 200 18905-layout.js Show response
capitolcanary.com/wp-content/uploads/bb-plugin/cache/ 32 KB
9 KB 698ms
696ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-plugin/cache/18905-layout.js?ver=71d57887d2fdfa05a24be8f88223c7fe.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd42f5805c4aceed8fd4482f9b87d0fd7fd05eb8d90eeb318952dd665a446999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Oct 2022 14:37:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6352aeb2-7f31"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bw4c5SrJYOZIQ8KCUG8FxPuyZ3QLiUT4ehe7%2B3agsfHeuLdeTo5Wqhm%2Bsz00MFyyQWKuLh9donLmtrkZkEpkiW5DFy8sSHpeX2mGMGWi%2BU7pPUHuUKyRd0QMWRarEmgGGMhE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036d93d9be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
capitolcanary.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 678ms
673ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Oct 2022 14:21:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6352aae8-26d1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BaakKic9Zg80e%2BMsBVzCTz5qSAuj4a6P6TDjb421A5tLKdOEQvwoB9ARqlQUkdn4QYSI5uDyCgqdAprk1pWuPm8tEQYVp7euxmvhbl4gGS%2BGVvd%2Fjv22T%2B4a6mIH2wgvFEV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e9579be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
capitolcanary.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 657ms
652ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Oct 2022 14:21:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6352aae8-3016"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfOEGPXxpQhAcTP9h7zlwfEuPWXcSEim16wjmg%2BYjpliF%2B7bAeE55GsxBcFULKI%2BH14gPcdmB25bbEg9uBm0PGVgNwyiagoKZSJpl11M8Nw9RTcE7uirjzuiqgKATfNEVTWJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e95a9be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.ba-throttle-debounce.min.js Show response
capitolcanary.com/wp-content/plugins/bb-plugin/js/ 731 B
924 B 715ms
710ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.6.0.3.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Oct 2022 14:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6352aae7-2db"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6CDy5va2UX3opwbqjMUr3ndOwERve13UBgDIc3vWrGYd5bGPC29K0mETEtw4J5D5NwSu6BSzPXcIyecXV6vLC8BYCFW3iMby58EmEHdXD5xtZRJeVmuQPAIeEonZESzpd4Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e9639be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.fitvids.min.js Show response
capitolcanary.com/wp-content/plugins/bb-plugin/js/ 2 KB
1 KB 697ms
693ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Oct 2022 14:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6352aae7-6f6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDvkFo0g8y8lKycEcMwbSTFEPpj%2BUsAS6eTzrxpAu%2BleHvn4DR%2BT%2B798Kl4St6J8vmEQD2cmPM1ZSb3PrgPGnY5XBu5pqjHT78LSgohmP4n%2B8Abr88WnPqO52IQAPGke3bkc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e9679be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js_cookie.js Show response
capitolcanary.com/wp-content/plugins/bb-ultimate-addon/modules/modal-popup/js/ 4 KB
2 KB 640ms
636ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-ultimate-addon/modules/modal-popup/js/js_cookie.js?ver=6.1.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f85f9f44568e096e459e14198c1600cb30afccaf85d181e034c340154e11772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Oct 2022 13:08:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63480dd4-e70"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQzsseFpcDaTl4orMxw4BNngt5J14KllTY450VALLS9khg6BIPq3u6CH6ACXFquud9sRx0asCT50Tr3pnH%2FTEhw%2Bm1IAs1K6jHSClY556n1Pxrgv17mHZ2cJQKoIuxFbF05r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e9699be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 081a73205b37309aed57e238e2df66ba-layout-bundle.js Show response
capitolcanary.com/wp-content/uploads/bb-plugin/cache/ 83 KB
13 KB 714ms
710ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-plugin/cache/081a73205b37309aed57e238e2df66ba-layout-bundle.js?ver=2.6.0.3-1.4.4.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b997771b977af3bec6771596b6226b9d56c25a96ac5a321f925b369e4fd18e28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 31 Oct 2022 21:05:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6360389a-14b11"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLDBcoQ6wCVqyTdXloFBAHnaK53lXH6N3sD3%2BHdi9TVrTIVa9D%2Br1IrRD6VtJR4yQKCQPtEu2XkvYMb261UYg6ZbW7LOm3KlJBTyyCegq2lh%2FltBKQPjbZoD2%2FvgPRA9sV3t"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e96b9be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 scripts.js Show response
capitolcanary.com/wp-content/themes/capitol-canary/js/ 3 KB
1 KB 697ms
693ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/capitol-canary/js/scripts.js?ver=1.0.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698cd435eec4c16ebf0fc24cf4dd5aca96d7b96a1b017742f5a98b403a4a6b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 Jun 2022 16:27:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62b5e5ff-a99"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QT%2BPHq6Ds33FTtNPcngvqwZAHURr3%2BOkvbYNmUaOOhB2KDUa7faLgB3GRu09p2h5KpBXwvVstP02qOnYbvQMFP9oRGy6L3g2r1jUSD632FLM0Gj7QYmKto0vPWdxd6yFihvl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e96e9be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dflip.min.js Show response
capitolcanary.com/wp-content/plugins/dflip/assets/js/ 125 KB
40 KB 736ms
732ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/dflip/assets/js/dflip.min.js?ver=1.7.32.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89883270ecd3fd6c1f20edf2008ed776a34c017f95ce34ccf1568c900c302474

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Jul 2022 19:10:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62c33b38-1f586"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJP8RhJZQhVzD8RO7oen9d%2BxABSfl%2FUI3iNqRifTX32YpfIRwTmfoPT3KqhW1yyce4kiKvpAo7dP8Ro1Kfk%2F0fDvcoFW1%2F%2FPSIvxLiBBF2szuagDakAcfJ1AG0yP7WuJfiWD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e9719be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 smush-lazy-load.min.js Show response
capitolcanary.com/wp-content/plugins/wp-smush-pro/app/assets/js/ 8 KB
4 KB 697ms
693ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.12.3.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 15:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6357ff00-1ef2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlP%2Ft97hymWTNpVBdAP8JqF5tnqFy0i90nWOLWx6RFU6g03H4XxweUjmlaRl9Gr0Cus5OLSmad3oNmXv3tb3zKkrcvtD%2F%2F9EWpfZmX1hZIWlnwoP4UnjtHviE%2F%2BrBTeIJ8iR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e9749be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wp-accessibility.js Show response
capitolcanary.com/wp-content/plugins/wp-accessibility/js/ 11 KB
4 KB 697ms
693ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-accessibility/js/wp-accessibility.js?ver=1.7.10.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88a7f2522dd8c93c1f5007fcbcd059cff32a895cdab67e4d0398e94e950fbb65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 13:05:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63723d0d-2c20"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIH%2BpP1JEgSjX4mIC4DG2Z27RWJ6nTzEme%2BGC4siZdBtRiJ%2F%2F4aSACifSo7q9OJjOyu%2BuxPiwX3S3I7%2BGi%2FmqAKv5nkOnCUCJhiPXIzSQnniS2EVPCSsWMDXRqLWeF%2FYnXq%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e9779be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 longdesc.button.js Show response
capitolcanary.com/wp-content/plugins/wp-accessibility/js/ 3 KB
1 KB 761ms
758ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-accessibility/js/longdesc.button.js?ver=1.7.10.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05c78d6a2624f38e659dfad31d402bbda31897361e2ea1a4ef04bd1e78d41b85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 13:05:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63723d0d-cfa"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtWb%2FbL4RYcifxlNLbW%2BfJJm%2BTGfOj%2BOlGLtxkfzBEJ1rTOTHmr65nNZZKDmxCZ3XVN5GOJzp92fNPRIQJhsc568Dxqf8J4HnbptcwBwaFWDk2ra%2BqhHCiXfWqRmUUN5X1sY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e9889be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.magnificpopup.min.js Show response
capitolcanary.com/wp-content/plugins/bb-plugin/js/ 19 KB
8 KB 657ms
653ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.6.0.3.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bfcec07978309844d788b4ade223b49ba0be250c0da82fa94d7477842db1e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Oct 2022 14:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6352aae7-4da3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8Jdk6ad07GUtjTSfYffCBgCJ%2B3KysN7itl9T%2FFQjoGZVH9aXXa4TAcdCmcxcGK87C2Tby4LLzzv7PFGA2pqdlv2Zf3%2F%2FkY9aDVoDiGHXJrMcXj%2B5GzGpYxNctcRzce1h6TC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e98e9be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bootstrap-4.min.js Show response
capitolcanary.com/wp-content/themes/bb-theme/js/ 61 KB
16 KB 776ms
772ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.12.1.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5d1ee4046ceeb81d3e43309d053b423b87018e60c4cf0dd8ee7c5d3e9e90465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 31 Oct 2022 21:05:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636038a3-f3bf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcE45pnd4myQ0nY4jSYaLaPKeGcm4DkamyiaEQ8jK%2BshIYM8f3yfWnBTU9dj%2BOJWQqMgFETFIH34K6zhWSyiD6wTJTbwMsIwuoafHzvM6HCv9menEOWHhZzRBB%2FXXr4nIUwo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e9909be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 theme.min.js Show response
capitolcanary.com/wp-content/themes/bb-theme/js/ 22 KB
6 KB 233ms
229ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.12.1.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2ea6f7fef85c34966443f26f211f936fdb27746401ee96156888d52c56493ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 31 Oct 2022 21:05:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636038a3-595f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWFSJt9s3BqP6JR48gudMPxAYDouw3%2B3jBRhD6DmGsJHjNTotFfpFKxn6C%2FYHzpK%2BMClrXebjGglC8gal8Tng98G5sgwN131kcGgMraZ6qAI8aq77nhINmaatF5qrbFPErZj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e9959be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 helper.min.js Show response
capitolcanary.com/wp-content/plugins/optinmonster/assets/dist/js/ 2 KB
1 KB 776ms
773ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/optinmonster/assets/dist/js/helper.min.js?ver=2.11.0.1669136734
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45bd57a08f2ab75688b262993ca9687a1997df152860a1c146b863751719a6e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 13:05:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63723d09-826"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnsD%2FVEFdRXMAyQesX08jtywnE4sir4TYVJtajW2zj7QAWf7JZAnl7UeVviEJZyYeL4F6kpwPoJWGLXORppC8Aq9VcMKaJACCkCr47TKpvbGqKON3B1hcqmoZc5jocKxYGAr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e9979be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 lazyload.min.js Show response
capitolcanary.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 89ms
86ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 Oct 2022 21:05:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 434490
etag: W/"63603888-2063"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BB9wiqYKV4clmLA%2BKCPgGvaqWEAg0%2Bd1AWylhMPTcs1deqBSle0HIyh2XY%2FJLK0JX9Y94J5utPONEknLYXCxxLPZqPE3Gas8EeA8v%2F6y59JOTQSb8gG7ecKZ1PRzsQ9LrosV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76e34036e99c9be6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
1 KB 147ms
51ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,700;1,400;1,700&family=Montserrat:ital,wght@0,400;0,600;1,400;1,600&display=swap

Requested by

Host: capitolcanary.com
URL: https://capitolcanary.com/wp-content/themes/capitol-canary/style.css?ver=6.1.1669136734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ef3a96924cdd39f4ebd6efe627eab4d9ad621850e29abcc0b8b6d65cbe95268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/wp-content/themes/capitol-canary/style.css?ver=6.1.1669136734
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 17:05:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Nov 2022 17:05:35 GMT

GET
H2 200 fapv5tguvsk6.js Show response
js.driftt.com/include/1669137000000/ 211 KB
60 KB 275ms
156ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1669137000000/fapv5tguvsk6.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

0a4a68011410d87295e6c0beca23809f99ad75b1151922daa40a7e1a28d7521a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
x-amz-version-id: IYTe_K3dVGydwXyIHNPaLqOnCwVXn.vj
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Tue, 22 Nov 2022 16:34:02 GMT
server: istio-envoy
etag: W/"c50e8c520371fc3b49567eb9c2c215cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HsqphffWfRI_BL8XT2OkxXd_KFKZjVPHb15HHlL0aWtSzn6fk4vfWw==

GET
H2 200 614388d3366fa2001cc5a5fa Show response
ws.zoominfo.com/pixel/ 7 KB
4 KB 291ms
201ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/614388d3366fa2001cc5a5fa

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2490e3c50e40eb0dc7ee7938faab952b6fc060473df60590ce4e32a504d7325e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 76e340376b61929f-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 130ms
37ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 17:05:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 499ms
119ms Script
text/javascript 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: cfb7ed752bcc08ab3de3ea23df456b270d5c8c5765fc5169333812cd3f2d5b7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 22 Nov 2022 17:05:36 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 5392
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
65 KB 195ms
107ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MR1REW8MSK&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-MDVLCWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fef79f02963a95547204728088b53f828310d23db1371f5402e368562ae1028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 65984
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Nov 2022 17:05:35 GMT

GET
H2 200 pixel.js Show response
grow.clearbitjs.com/api/ 2 KB
979 B 821ms
234ms Script
text/javascript 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://grow.clearbitjs.com/api/pixel.js?v=1669136735798

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.3 , Sweden, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cf-ray: 76e3403a8ab8bb83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 265 KB
92 KB 142ms
54ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0331377fb85665cbff162ae49885e3b4e9e94f8568065c551c5556e5dcc0d6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93965
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Nov 2022 17:05:35 GMT

GET
H2 200 SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2
fonts.gstatic.com/s/ebgaramond/v26/ 39 KB
40 KB 120ms
37ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,700;1,400;1,700&family=Montserrat:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

306b0d4768246ba448fa14872f6b5d7dcfcf3734fb3c9b68f9041cf86884c6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 05:47:20 GMT
x-content-type-options: nosniff
age: 559095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40144
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:16:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 05:47:20 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 147ms
80ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,700;1,400;1,700&family=Montserrat:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 401053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 01:41:22 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 43ms
43ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 17:05:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Thu, 02 Mar 2023 17:05:35 GMT

POST
H/1.1 200
OK visitWebPage
486-vki-494.mktoresp.com/webevents/ 2 B
318 B 1018ms
186ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://486-vki-494.mktoresp.com/webevents/visitWebPage?_mchNc=1669136735983&_mchCn=&_mchId=486-VKI-494&_mchTk=_mch-capitolcanary.com-1669136735982-83590&mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&_mchHo=capitolcanary.com&_mchPo=&_mchRu=%2Ffake-page&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=http%3A%2F%2Fabout2.capitolcanary.com%2F&_mchQp=mkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 17:05:36 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: c6e26442-b233-40d3-a931-a64ba0bf6a04

POST
H2 204 collect
region1.analytics.google.com/g/ 0
348 B 142ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MR1REW8MSK&gtm=2oeb90&_p=660645352&_gaz=1&gdid=dZTNiMT&cid=185617743.1669136736&ul=en-us&sr=1600x1200&_s=1&sid=1669136736&sct=1&seg=0&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=OPT-MDVLCWQ
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MR1REW8MSK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
348 B 144ms
48ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MR1REW8MSK&cid=185617743.1669136736&gtm=2oeb90&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MR1REW8MSK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 160ms
75ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MR1REW8MSK&cid=185617743.1669136736&gtm=2oeb90&aip=1&z=53192030

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 54 KB
18 KB 165ms
38ms Script
text/javascript 2600:9000:225e:6400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08aae9a8ab692ff09afb7d64586796411846f542beb71cbac84652c841e3e4b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Amz-Version-Id: nyGK.p4AMdUYdI_Cc7_v_Tu8krsmgtEj
Content-Encoding: gzip
Via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Date: Tue, 22 Nov 2022 16:42:18 GMT
Age: 1398
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 09 Nov 2022 03:05:14 GMT
Server: AmazonS3
Etag: W/"180f14486064cffef491cd1b7b69c069"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: b-hLRjkFOiWuvPNl6vw5uD7JRHtfsfHksZX5cN-MP-kRmTWr7BCxCQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 130ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 22 Nov 2022 17:05:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: zRZ1vLXufdzV4g3YY2mxdyG/kM+uLscEtvPRnxu/WEArNgO+RhNUn6YRuNTlT+0kIkQ5p3+/+Gc6Tdihn3tpFQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976554992/ 2 KB
2 KB 143ms
53ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976554992/?random=1669136736114&cv=11&fst=1669136736114&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&ref=http%3A%2F%2Fabout2.capitolcanary.com%2F&tiba=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&auid=339487991.1669136736&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e8190419619e17bcebc2396df4b657f199190022ec1e4b17a9283024258913e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1019
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 140ms
37ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 22 Nov 2022 15:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6582
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 22 Nov 2022 17:15:54 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 144ms
38ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=49842
accept-ranges: bytes
content-length: 4581

GET
H2 200 6673.js Show response
script.crazyegg.com/pages/scripts/0110/ 6 KB
2 KB 200ms
69ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0110/6673.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24d9e96411f85aaf840cb0db9ee24594ae35996cef4e69906ea18d6fb268db8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6670
cf-polished: origSize=6088
ce-version: 11.5.3
cf-bgj: minify
last-modified: Tue, 22 Nov 2022 15:14:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 76e3403a7f4a9085-FRA

GET
H2 200 1425.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 589ms
410ms Script
text/javascript 2606:4700::6812:1e49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1425.js?p=https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&e=

Requested by

Host: about2.capitolcanary.com
URL: http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGIPzyQMXARI4euQrdgqtBvyLTLdbgzPmTAyVp8VfcF6x9m6GUYBu257VpyZ8vB2g4o70EbiGY=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
x-xss-protection: 1; mode=block
x-request-id: 57275272-6375-478f-8bf3-60b964f5a426
x-runtime: 0.003624
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
cf-ray: 76e3403ad938918c-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
74 KB 132ms
56ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-80CPFVSEDB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60bd153e96e839cf4297dbcc8bf52c7cca9b12ddc969abb8b5d932550f223dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76023
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Nov 2022 17:05:36 GMT

GET
H2 200 data.js Show response
tags.clickagy.com/ 38 KB
14 KB 201ms
114ms Script
application/javascript 2606:4700::6812:2eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by: Host: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/614388d3366fa2001cc5a5fa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:2eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b600f1dc62b172effa1611f27da2410354b23d9bc79f34a525821752fafcde83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
x-amz-version-id: eiH8z613.BRzukjofzW7pfMQ5QqyyUJw
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 2200
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 07 Oct 2022 12:51:20 GMT
server: cloudflare
etag: W/"39cbfce65efed785f567d3a64646eed5"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 76e3403a4bd19b33-FRA
x-amz-cf-id: mSDaJgq-YdJWY2HFBm7xtmOBoa9X4fyjkLFbNh4xRMQBWnh_vpM0Kw==

GET
H2 200 getForm Show response
app-sj20.marketo.com/index.php/form/ 8 KB
2 KB 90ms
90ms Script
application/javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-sj20.marketo.com/index.php/form/getForm?munchkinId=486-VKI-494&form=2574&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page&callback=jQuery112409592473345525396_1669136736179&_=1669136736180
Requested by: Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.80 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e23ae12acc4e0682e994aea25d669a2eb2c3b23227cbf481a0561ad36cbf62e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 76e340394d08bbfd-FRA
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 plugin.min.js Show response
pathmonk-lib.pathmonk.com/plugin/ 28 KB
10 KB 170ms
37ms Script
application/javascript 2600:9000:2093:2400:5:b2d2:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pathmonk-lib.pathmonk.com/plugin/plugin.min.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:2400:5:b2d2:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f575d629b539dfe8d8925621fa60729e64e64ae2a6ca371c215d560710bb61f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Vu6xiGVOlGJHKnzyeS1jAfdyOn_oB8_e
content-encoding: gzip
via: 1.1 8c7d2e4b1dd1d9cc43ca7f060033ac40.cloudfront.net (CloudFront)
date: Tue, 22 Nov 2022 16:03:12 GMT
last-modified: Fri, 20 May 2022 21:40:25 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
age: 3981
etag: W/"484cb233926da7d2db76e6e88989a775"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=27200
x-amz-cf-id: eLFfUG7gX9BdBjKRs-l5gcwWUiYyAnq9juftk_Ie-PeKBMk7XDZ3wQ==

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 80 KB
28 KB 163ms
38ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: 96dec63fd944241d18ec974da0808f68fffd2624424237c1a24b5fe36b6374e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cdn-edgestorageid: 1056
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Fri, 18 Nov 2022 22:08:43 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 492
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6378026b-13ef5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 47bc4257020503f9af0ce30e56623c28
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
www.google.com/pagead/1p-user-list/976554992/ 42 B
548 B 146ms
53ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976554992/?random=1669136736114&cv=11&fst=1669136400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&ref=http%3A%2F%2Fabout2.capitolcanary.com%2F&tiba=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&fmt=3&is_vtc=1&random=1949606161&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/976554992/ 42 B
64 B 130ms
52ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976554992/?random=1669136736114&cv=11&fst=1669136400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&ref=http%3A%2F%2Fabout2.capitolcanary.com%2F&tiba=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&fmt=3&is_vtc=1&random=1949606161&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 79ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 22 Nov 2022 17:05:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ov2YEHW8NC3ehWCfEY5MbkZNgQF8r0Vlp5CrtYd7YxKGVNo82a0dEwsn/Am4xE2MH9alQXKtimBsTkFFWmdpgA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 656507917815711 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 115ms
75ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/656507917815711?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

63d6347d7105db282ca81c10db370efa15fc1b564f9c17cf35c608edde582e4d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 22 Nov 2022 17:05:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86096
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Asmn+exn2w7XvYVUV1OhtAbep7qJe+KBdaKjYATNjASx0asl+aLbz3oHvdYwvh8Wrpb+N0l3yN6gh0U2K34Q5Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 forms2.css
app-sj20.marketo.com/js/forms2/css/ 13 KB
3 KB 79ms
79ms Stylesheet
text/css 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 18:03:49 GMT
server: cloudflare
age: 1001
etag: "d603f0-3437-5ea394834ab40"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76e34039eeb6bbfd-FRA
content-length: 2623
expires: Tue, 22 Nov 2022 21:05:36 GMT

GET
H2 200 forms2-theme-plain.css
app-sj20.marketo.com/js/forms2/css/ 828 B
348 B 117ms
117ms Stylesheet
text/css 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63113904
cf-cache-status: HIT
age: 18
content-length: 246
last-modified: Tue, 04 Oct 2022 18:03:49 GMT
server: cloudflare
etag: "d603ee-33c-5ea394834ab40"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 76e34039eebdbbfd-FRA
expires: Tue, 22 Nov 2022 21:05:36 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/HVQJW343KJAW7GWROKSEFP/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

77ms
39ms

Script
application/javascript

2600:9000:225e:6400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: HTTP/1.1
Server: 2600:9000:225e:6400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Amz-Version-Id: 3TnMO1iw0qw17MhnYw4sprJhuU7ahGp7
Date: Mon, 21 Nov 2022 21:11:17 GMT
Via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Age: 71662
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Fri, 14 Oct 2022 18:57:24 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ocHAWQxpYRoDynVP1dUX0nZeH36KOnSPrN_Q2LFnf14LyFi-v0ychA==

Redirect headers

Date: Tue, 22 Nov 2022 11:17:04 GMT
Via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Age: 20912
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: LBnWkcc63rF8joMdUe8Lu_93K6RcSV95fHtzAFLvLneDx1eXjbHhlA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/HVQJW343KJAW7GWROKSEFP/YGAVJIE2WNDOJEE5TBNPGO/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

51ms
38ms

Script
application/javascript

2600:9000:225e:6400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: HTTP/1.1
Server: 2600:9000:225e:6400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Tue, 22 Nov 2022 03:03:24 GMT
Via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Age: 50571
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: pulqcmeD7QTaXhDqnAB1vFPVkoJ7hq6yfRfVZmEPvyYDdm8Hvq8lgA==

Redirect headers

Date: Tue, 22 Nov 2022 11:17:04 GMT
Via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Age: 20911
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: -7yepW6b67fIjjDhFLJ1memxg66a8sq9lKzLYtKzABvlKlo6cxPgwg==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HVQJW343KJAW7GWROKSEFP/YGAVJIE2WNDOJEE5TBNPGO/ 4 KB
3 KB 109ms
38ms Script
text/javascript 2600:9000:225e:6400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HVQJW343KJAW7GWROKSEFP/YGAVJIE2WNDOJEE5TBNPGO/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Amz-Version-Id: Tqve24mNhBxpK1a.9ZUrTr3OQOb5DTqH
Content-Encoding: gzip
Via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Date: Tue, 22 Nov 2022 16:56:38 GMT
Age: 539
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 21:12:06 GMT
Server: AmazonS3
Etag: W/"a7bb70ece1e3f0f3879dcfca4857a770"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: i7rIggQvnG7sV8TCtN52sUDDBmyTpzdwGxg2Eg17k6fCunVg45SHcA==

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 118ms
117ms Stylesheet
text/css 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: a55d0c890c624efdb6eeac4f492c995e7a348b1c070a40d960b028ecea05b31f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 22 Nov 2022 17:05:36 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 470ms
117ms Fetch
image/jpeg 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 22 Nov 2022 17:05:36 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 124ms
45ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-80CPFVSEDB&gtm=2oeb90&_p=660645352&_gaz=1&cid=185617743.1669136736&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669136736&sct=1&seg=0&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80CPFVSEDB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 139ms
46ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-80CPFVSEDB&cid=185617743.1669136736&gtm=2oeb90&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80CPFVSEDB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 79ms
76ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-80CPFVSEDB&cid=185617743.1669136736&gtm=2oeb90&aip=1&z=404429481

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/45840/domain/capitolcanary.com/ 36 B
376 B 38ms
38ms XHR
application/json 2600:9000:206f:3600:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/45840/domain/capitolcanary.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Nov 2022 16:11:43 GMT
content-encoding: gzip
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 3233
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: KrZixYmuYAXCimNBhPDyCVTAzOVVkj-_HtHyYU-4vgWF2CpzSBGQtA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1669136736388&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D45840%26time%3D1669136736388%26url%3Dhttps%253A%252F%252Fcapitolcanary.com%252Ffa...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1669136736388&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1669136736388&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd1...

0
264 B

464ms
211ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1669136736388&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&liSync=true&e_ipv6=AQJq9XNQKxpvuwAAAYSgTWNGPt-rHjKDg3HLzUfa7kYGphRHMQjwiLjy8ZynXj62ccGAECC9
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6AC0A7D40C864906A4335C464120C77F Ref B: FRAEDGE1521 Ref C: 2022-11-22T17:05:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXuEi5Su/TrX6Rxac+/Dw==

Redirect headers

date: Tue, 22 Nov 2022 17:05:36 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3EF7C06284CB4CE5BC91D5FA47EE3B02 Ref B: FRAEDGE1519 Ref C: 2022-11-22T17:05:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1669136736388&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&liSync=true&e_ipv6=AQJq9XNQKxpvuwAAAYSgTWNGPt-rHjKDg3HLzUfa7kYGphRHMQjwiLjy8ZynXj62ccGAECC9
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXuEi5Ll7auSQBzfAyvTQ==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/45840/domain/capitolcanary.com/ Frame 0
0 151ms
37ms Preflight 2600:9000:206f:3600:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/45840/domain/capitolcanary.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://capitolcanary.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 13124
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Tue, 22 Nov 2022 13:26:52 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-amz-cf-id: 7_M3IhxVUAjNcmDJKaCV5ofkmljuEtxQIgDahCHhYuS5ZPtfW-xc9w==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 122ms
45ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=660645352&t=pageview&_s=1&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&ul=en-us&de=UTF-8&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1230606012&gjid=522035379&cid=185617743.1669136736&tid=UA-33465110-1&_gid=266677562.1669136736&_r=1&gtm=2wgb90TS9B9K9&z=563258317

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HVQJW343KJAW7GWROKSEFP Show response
d.adroll.com/consent/check/ 453 B
546 B 197ms
55ms Script
application/javascript 2a05:d018:cc3:fe04:4055:d9ad:e415:742b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HVQJW343KJAW7GWROKSEFP?pv=14274042420.989708&arrfrr=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&_s=96c48056979400ad457aabc5d99e69ee&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:4055:d9ad:e415:742b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 6977fc5b8805e75ff4e95ff35fec37df6b793165bb1c55926cb34c908726d8d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
server: nginx/1.22.0
content-length: 453
content-type: application/javascript

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=660645352&t=event&ni=1&_s=2&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&ul=en-us&de=UTF-8&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Zoominfo&ea=Websights&el=Enriched&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=185617743.1669136736&tid=UA-33465110-1&_gid=266677562.1669136736&gtm=2wgb90TS9B9K9&cd2=69485468&cd3=State%20of%20Minnesota&cd4=business&cd5=12352000&cd6=10M%20-%2050M&cd7=100&cd8=Under%20100%20Employees&cd9=State%2CGovernment&cd10=Government&cd11=Saint%20Paul&cd12=Minnesota&cd13=United%20States&cd14=55155&z=1803893689

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 03:25:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49207
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 XDFrame Show response
app-sj20.marketo.com/index.php/form/ Frame 3644 2 KB
871 B 227ms
226ms Document
text/html 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/index.php/form/XDFrame

Requested by

Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c89a8bee77d21587af1a9e0dcd26a779b62436084eaf136c354ff1bf39f2c280

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 76e3403b49f7bbfd-FRA
content-encoding: gzip
content-length: 651
content-type: text/html; charset=utf-8
date: Tue, 22 Nov 2022 17:05:36 GMT
server: cloudflare
strict-transport-security: max-age=63113904
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 126ms
38ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=656507917815711&ev=PageView&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&rl=http%3A%2F%2Fabout2.capitolcanary.com%2F&if=false&ts=1669136736512&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669136736511.674202418&it=1669136736276&coo=false&dpo=&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 22 Nov 2022 17:05:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 capitolcanary.com.json Show response
script.crazyegg.com/pages/data-scripts/0110/6673/site/ 704 B
634 B 136ms
53ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0110/6673/site/capitolcanary.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0110/6673.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a193d96b7c6ae5f2af4f2f30a4cb64847d98089b3abe820f3d99c743e64940e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6152
ce-version: 11.5.3
content-length: 364
last-modified: Tue, 22 Nov 2022 15:23:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76e3403bee9a997b-FRA

GET
H2 200 mobile_detector.js Show response
pathmonk-lib.pathmonk.com/plugin/ 38 KB
16 KB 39ms
39ms Script
application/javascript 2600:9000:2093:2400:5:b2d2:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pathmonk-lib.pathmonk.com/plugin/mobile_detector.js
Requested by: Host: pathmonk-lib.pathmonk.com
URL: https://pathmonk-lib.pathmonk.com/plugin/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:2400:5:b2d2:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 297b11b73f279cda0fd0e85dff57794632a55303e6a08fa2b8b4fd03df1a2030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: OZWfKrwCxc_Os9OoLN_cnSURFf4zZK4N
content-encoding: gzip
via: 1.1 8c7d2e4b1dd1d9cc43ca7f060033ac40.cloudfront.net (CloudFront)
date: Mon, 21 Nov 2022 06:04:36 GMT
last-modified: Mon, 14 Sep 2020 13:04:37 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
age: 126061
etag: W/"341460b9e47d0a286138c94d2601b2a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=172800
x-amz-cf-id: P91Y9Xk3UkZwmtKpuiuFo28I8yYezrMhLO2YQoee3r9K6Ln72do-8w==

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
507 B 366ms
118ms XHR
application/json 107.21.10.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.10.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-10-200.compute-1.amazonaws.com
Software: Aorta/20221117.e7edcc499 /
Resource Hash: dd80297ae38d12c4041a0aa9d237f84c79b70d04be411fc45c45605b19e1288c

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: gzip
server: Aorta/20221117.e7edcc499
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://capitolcanary.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 8713b8233aac
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 82

GET
H2

404

/
sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:de54a8a53313ed66007ec528b6b71169/gdpr=0/gdpr_consent=false/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag
https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:de54a8a53313ed66007ec528b6b71169/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7...

49 B
266 B

173ms
54ms

Image
image/gif

3.248.87.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:de54a8a53313ed66007ec528b6b71169/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Server: 3.248.87.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-87-83.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.12.135
content-length: 49
expires: 0

Redirect headers

date: Tue, 22 Nov 2022 17:05:36 GMT
server: Aorta/20221117.e7edcc499
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:de54a8a53313ed66007ec528b6b71169/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 9c030152f804
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2

451

711861.gif
id.rlcdn.com/
Redirect Chain

https://aorta.clickagy.com/liveramp_redir
https://id.rlcdn.com/711861.gif

0
98 B

161ms
48ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711861.gif
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Tue, 22 Nov 2022 17:05:36 GMT
server: Aorta/20221117.e7edcc499
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://id.rlcdn.com/711861.gif
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: c164034a1068
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 54ms
53ms Stylesheet
text/css 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: br
cdn-edgestorageid: 879
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Fri, 18 Nov 2022 22:08:46 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 296
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6378026e-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 386e684c10ee19135885be45fbd75066
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 i57yvi9bgc3xiejmfo5p Show response
api.omappapi.com/v2/embed/45819/ 3 KB
2 KB 1068ms
466ms XHR
application/json 108.158.46.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/45819/i57yvi9bgc3xiejmfo5p
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.46.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-46-113.bom78.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 7984e9e9681d142e69fdb34546a5982a2a92bdf71c42ccf3a0626387908f42a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:33 GMT
content-encoding: gzip
via: 1.1 873bbee48f85ace664837b914c08ee30.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: BOM78-P3
x-cache-status: HIT
x-cache: Miss from cloudfront
x-optinmonster-campaign: i57yvi9bgc3xiejmfo5p
x-user-agent: standard--
last-modified: Fri, 24 Jun 2022 13:02:56 GMT
server: Pagely Gateway/1.5.1
etag: W/"dfa5b95a73f96cd170b7e3169240f8bb"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: DyfWRuhTTolO7ldlDQ6sHd1SdeKYUOTsiPGNj4KathrVKRAe6M7nPQ==
expires: Tue, 22 Nov 2022 16:55:43 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 49ms
49ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-33465110-1&cid=185617743.1669136736&jid=1230606012&gjid=522035379&_gid=266677562.1669136736&_u=YADAAEAAAAAAACAAI~&z=1678575972

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 22 Nov 2022 17:05:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 desktop.style.min.css
pathmonk-lib.pathmonk.com/plugin/ 3 KB
1 KB 35ms
34ms Stylesheet
text/css 2600:9000:2093:2400:5:b2d2:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pathmonk-lib.pathmonk.com/plugin/desktop.style.min.css
Requested by: Host: pathmonk-lib.pathmonk.com
URL: https://pathmonk-lib.pathmonk.com/plugin/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:2400:5:b2d2:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cfe027020696c17e347c93e23e60de05056c2b7c6763bb31e168f073d8dd421a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: i6ezVrwTfinpv28qCr2kzTm94RcH7WHs
content-encoding: gzip
via: 1.1 8c7d2e4b1dd1d9cc43ca7f060033ac40.cloudfront.net (CloudFront)
date: Tue, 22 Nov 2022 16:34:21 GMT
last-modified: Fri, 06 Nov 2020 12:05:54 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
age: 2212
etag: W/"6dac2c07fa2d93d4adf3b6fb97aee04c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=7200
x-amz-cf-id: OefkLiEh8mycj7jD8JaKE2B3v4nmy4uy3vSAw0s3zjC8uKeRYzPTxA==

GET
H2 200 desktop.lib.min.js Show response
pathmonk-lib.pathmonk.com/plugin/ 7 KB
2 KB 34ms
33ms Script
application/javascript 2600:9000:2093:2400:5:b2d2:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pathmonk-lib.pathmonk.com/plugin/desktop.lib.min.js
Requested by: Host: pathmonk-lib.pathmonk.com
URL: https://pathmonk-lib.pathmonk.com/plugin/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:2400:5:b2d2:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d8f9f49d3876ee779a842453bf2fce64102ebb39ee06b87018573b41d6458e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: EO_ttkYh84fG4yT8bAr65N3qYMTsZKpU
content-encoding: gzip
via: 1.1 8c7d2e4b1dd1d9cc43ca7f060033ac40.cloudfront.net (CloudFront)
date: Tue, 22 Nov 2022 10:24:00 GMT
last-modified: Wed, 02 Feb 2022 09:19:19 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
age: 24525
etag: W/"51708e6336366f3b1c98e5fea861f122"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=27200
x-amz-cf-id: Q7OvDZvtonKQ9qSh3Pjk9ROpYmsWKpgkpB7Bon2GFW4vZrUuqYVNpQ==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 153ms
75ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-33465110-1&cid=185617743.1669136736&jid=1230606012&_u=YADAAEAAAAAAACAAI~&z=1127682160

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 80ms
80ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-33465110-1&cid=185617743.1669136736&jid=1230606012&_u=YADAAEAAAAAAACAAI~&z=1127682160

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 167B 2 KB
1 KB 328ms
328ms Document
text/html 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1669137000000/fapv5tguvsk6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3df1caa518a23d4a674e208e52851a6c423b319e9d0509ef5119272bb409619d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 22 Nov 2022 17:05:36 GMT
etag: W/"4065185079fdbb4e354b89e495ccd1e5"
last-modified: Tue, 22 Nov 2022 16:33:53 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-id: tDdE-ypf2wXqsUo3MsR-bJPcGYuaAbMKuyOnVpv7AxaLqXXPuT09iw==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: gSnTG0FuzGZRFSAPBBsba8Zxq.ktLEhc
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 11

GET
H2 200 chat Show response
js.driftt.com/core/ Frame FE64 2 KB
1 KB 324ms
324ms Document
text/html 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1669137000000/fapv5tguvsk6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3df1caa518a23d4a674e208e52851a6c423b319e9d0509ef5119272bb409619d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 22 Nov 2022 17:05:36 GMT
etag: W/"4065185079fdbb4e354b89e495ccd1e5"
last-modified: Tue, 22 Nov 2022 16:33:53 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-id: Gc6FgIM7Gw2KFc1D_bZvT9xIdnCekDJO2L4EfQaqmCJKxh2ypzOVNA==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: gSnTG0FuzGZRFSAPBBsba8Zxq.ktLEhc
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 12

GET
H2 200 t.js Show response
wec-assets.terminus.services/258f71bf-a18a-4aa1-8bbb-686b534a4d71/ 40 KB
12 KB 138ms
42ms Script
application/javascript 18.66.122.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wec-assets.terminus.services/258f71bf-a18a-4aa1-8bbb-686b534a4d71/t.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-59.fra60.r.cloudfront.net

Software

Resource Hash

6e918cd178f2903145652818e334f51f4c3808f6136f38d37400be6a30238d41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:56:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 539
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: BBItw9B_9JdMH94ZrX-qKteq12y5aFJrB2hvoDe3LJHeCfaqhr1-0g==

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
327 B 373ms
116ms XHR
text/plain 44.195.195.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.195.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-195-43.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://capitolcanary.com
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

GET
H3 200 c.gif
grow.clearbitjs.com/api/ 35 B
239 B 383ms
287ms Image
image/gif 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grow.clearbitjs.com/api/c.gif?r=https%3A%2F%2Fcapitolcanary.com%2Ffake-page&c=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.24.57.3 , Sweden, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: image/gif
cf-ray: 76e3403d095791f6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 event Show response
apisdk.pathmonk.com/apisdk/v1/javascriptsdk/ 219 B
570 B 225ms
58ms XHR
application/json 54.76.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apisdk.pathmonk.com/apisdk/v1/javascriptsdk/event

Requested by

Host: pathmonk-lib.pathmonk.com
URL: https://pathmonk-lib.pathmonk.com/plugin/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.219.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-219-51.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.38 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /

Resource Hash

e676617776908abf0fdff4b2c58d3dd18f187ddce306d3857966b2cf7aa64bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: Apache/2.4.38 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 410 KB
55 KB 38ms
38ms Script
application/javascript 2600:9000:225e:6400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Amz-Version-Id: 44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding: gzip
Via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Date: Tue, 22 Nov 2022 17:04:39 GMT
Age: 84
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 19:41:48 GMT
Server: AmazonS3
Etag: W/"0a7d0ea8d7d31b07e925fe340acf431b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: HofYY-nFtbKMgVoH1FexDf_1EXoRRIKen8BGkuPImUNs9OjkoLeYTA==

GET
H2 200 forms2.min.js Show response
app-sj20.marketo.com/js/forms2/js/ Frame 3644 208 KB
69 KB 81ms
81ms Script
application/x-javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/index.php/form/XDFrame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app-sj20.marketo.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 18:03:49 GMT
server: cloudflare
age: 1012
etag: "ee037b-33e51-5ea394834ab40"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 76e3403ccdb0bbfd-FRA
expires: Tue, 22 Nov 2022 21:05:36 GMT

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
444 B 118ms
117ms XHR
text/plain 3.216.203.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=rudbwtV5Hy_XalBAJdV4nQ&is_js=true&landing_url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&t=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&tip=R3fDI8L8_wUYfe8hT8H5S-1U785ueAEk_A7KxHiaeww&host=https://capitolcanary.com&sa_conv_data_css_value=%20%220-7932cfc5-2c98-4052-487a-22aacef8e13b%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9a73b9602b7c342966c11905c4d47ec5b50ff076d&sa-user-id-v2=s%253AeTLPxSyYQFJIeiKqzvjhO1D_B20.3I0MnQXG%252FxN5TP3Z6fPoGSUoJLAzp5vl21%252BvPVIgnxw&sa-user-id=s%253A0-7932cfc5-2c98-4052-487a-22aacef8e13b.3AZVW%252FUJcMDZPBMJzZH5MFyYURX9MTwL9qy2plR0dzE
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.203.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-203-91.compute-1.amazonaws.com
Software: /
Resource Hash: 250a093f7e99e4da00e86ea8ab8301c6dd652d8a47c519e3d8f37644807ff549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 17:05:36 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://capitolcanary.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 138

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 178ms
56ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=258f71bf-a18a-4aa1-8bbb-686b534a4d71|5887e74f-53e3-4b62-b182-f28569396664&gdpr=1&gdpr_consent=null
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 22 Nov 2022 17:05:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 t.gif
wec-assets.terminus.services/258f71bf-a18a-4aa1-8bbb-686b534a4d71/ 43 B
304 B 38ms
38ms Image
image/gif 18.66.122.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wec-assets.terminus.services/258f71bf-a18a-4aa1-8bbb-686b534a4d71/t.gif?d=5887e74f-53e3-4b62-b182-f28569396664&s=b879df18-8961-4202-bd4d-9e06f7cef5bf&p=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&cb=1669136736790&gdpr=1&gdpr_consent=null&t=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&r=http%3A%2F%2Fabout2.capitolcanary.com%2F&e=page_viewed&u=ea65befc-4e86-4164-a6ba-2a278b81836a-1669136736790

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-59.fra60.r.cloudfront.net

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:56:40 GMT
strict-transport-security: max-age=31536000
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 536
x-cache: Hit from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: SC67yRcKVHKna79kt_ocEEFoGFqXXJ-kY5qPCvcJaoZYPKvkSuF6Kw==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 38ms
37ms Image
image/png 2600:9000:225e:6400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Mon, 21 Nov 2022 19:19:55 GMT
Via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Age: 78391
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 2g1KVF2Ed7gewP0q8DEn7ZpK0ePQCkpaDuzI5KtYaZxm0n750ocxrg==

GET
H2 200 runtime~main.bad93b5f.js Show response
js.driftt.com/core/assets/js/ Frame FE64 6 KB
3 KB 39ms
38ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c7d804b72efc14f38f31f36d27208604ce426c1fcc0d75bc5cd8da0dbcb33c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:33:53 GMT
x-amz-version-id: n_PRuVLxRQIA6djMS7198.h2vKp52lgj
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Tue, 22 Nov 2022 15:50:01 GMT
server: istio-envoy
etag: W/"17a37f5fbc0c33a281c525023061be48"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3jYgAb_g_XbT_jDH1fVT5Nm-KFD9inCNkL46ov06ghS_jRyKxZbo3g==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 35 KB
13 KB 43ms
43ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:31:13 GMT
x-amz-version-id: vyT5gQlqz9A8i_6E5xxIGgYeKAsqYk6Q
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1611263
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 04 Nov 2022 00:27:56 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KFN_jzueanHlD9Ue5vVnL6epJM5N7qmrrrT3LN_gVEP3yYXPVfBwyg==

GET
H2 200 main~493df0b3.d3ac7d8e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 7 KB
3 KB 45ms
45ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d3ac7d8e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7ad9ef3a4bc35c8e26b515b58bfa16be478746a7716c91b69c5d53222986f959

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 16:30:47 GMT
x-amz-version-id: 1PMN2YZru9S0WwHo36rIqDOML6PItZQh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2162089
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 28 Oct 2022 15:57:23 GMT
server: nginx
etag: W/"f953d4d3bced33e843c6d5f9a6da145f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FhezWcWqsfuBzidLzyfXcjn4yi2hjvNESp4X2ic1kvwp-v8n32-jfg==

GET
H2 200 runtime~main.bad93b5f.js Show response
js.driftt.com/core/assets/js/ Frame 167B 6 KB
3 KB 39ms
38ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c7d804b72efc14f38f31f36d27208604ce426c1fcc0d75bc5cd8da0dbcb33c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:33:53 GMT
x-amz-version-id: n_PRuVLxRQIA6djMS7198.h2vKp52lgj
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Tue, 22 Nov 2022 15:50:01 GMT
server: istio-envoy
etag: W/"17a37f5fbc0c33a281c525023061be48"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 69_FCEyhRn_bCTUq2VqB2kcPzEA1zJ9sb7oqJBY0DyH2lvCUqjZiow==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 35 KB
13 KB 43ms
42ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:31:13 GMT
x-amz-version-id: vyT5gQlqz9A8i_6E5xxIGgYeKAsqYk6Q
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1611263
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 04 Nov 2022 00:27:56 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KojxlAwK6txB8pTgl6yqCg7e-9gwLDgvyeFmH0chb9fzUr7T655z8Q==

GET
H2 200 main~493df0b3.d3ac7d8e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 7 KB
3 KB 45ms
44ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d3ac7d8e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7ad9ef3a4bc35c8e26b515b58bfa16be478746a7716c91b69c5d53222986f959

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 16:30:47 GMT
x-amz-version-id: 1PMN2YZru9S0WwHo36rIqDOML6PItZQh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2162089
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 28 Oct 2022 15:57:23 GMT
server: nginx
etag: W/"f953d4d3bced33e843c6d5f9a6da145f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Tcvgxz5E8QqTbaYYY5olxBybvTpNg8uZuBk3qbImXadLnd5mKDcxiQ==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2EA5 0
18 B 79ms
38ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://capitolcanary.com
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://capitolcanary.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 17:05:37 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 49.b6336d11.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 23 KB
8 KB 42ms
39ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1cb2a3ed712d8fcfa64505237ae54ffe9f2f5d293f371f40871d830891568b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: tFkawZ7Fd.jveKk2Q_grwX_qW9zyzYsf
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:30 GMT
server: nginx
etag: W/"8004ba5ba9fc99e5c559490658a3863f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: boT9se1y0sz5H-rmeadTZeVO7HygvaANLdttD3BgFD_dAV-4pbwWQg==

GET
H2 200 33.ae4de0a0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 36 KB
10 KB 46ms
43ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.ae4de0a0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: HixqumxK82A.kHDuHBPfmn6VAN6aPH4h
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:30 GMT
server: nginx
etag: W/"db0cd5b66c52523e10b87a0c8a2db182"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BlD_oVxt0QRJCYR_Bx75LOtkPSacSEDtME0BDbHPpNMZg1t9RXhuLg==

GET
H2 200 23.60057654.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 32 KB
11 KB 50ms
47ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.60057654.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

489eb2769765657c9325f65117f5c7b87ffc4eab547622608c12c8f6fd60df1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: A.jwRfFHKkUyhAxHnaTtscpVGcKmzGah
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:29 GMT
server: nginx
etag: W/"0e963aeeee70e63f5078955e6db860f3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DBeeupZRyKv2-K__XSPwi8cEa6dERwFT-KWhE_qE4WRUtISvoJYOmw==

GET
H2 200 18.2ab31195.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 17 KB
6 KB 51ms
49ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.2ab31195.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a0da3cdc4c400e5e5030c733b68bff8fddc8c4c82c2432330fa8cb858b16bd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: rKefocxJhSz0y_AilqbsDEtw7DeIdBvq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:29 GMT
server: nginx
etag: W/"09e4a870348ecb960c5807c49bbf0c16"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gVSmF8w-9eMvM77u2HUhIgYYlYEpgr8nxw7jdvkpguC3p5Ke-aJtMw==

GET
H2 200 40.5fa801cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 25 KB
8 KB 54ms
52ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.5fa801cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

759a08226cc8d5a5a89c64b7f814457ee6191384f30e4dc9cd123aaf279003fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: f55GXA4L3g5g9hzfUJcqjDgxYQXmhaaq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:30 GMT
server: nginx
etag: W/"e7d37d5ffc01767c10d8677c65ead60b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4lMYWMmlcGQqjxxi5yPvapO--kMCwS4zWhSfZK2WVhPRK9bE3xsQaQ==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 74 KB
23 KB 60ms
58ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 02:06:06 GMT
x-amz-version-id: MDNDeX8Ofa2_7CLpbSrobXhmTPeoBkby
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2041171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 28 Oct 2022 15:57:21 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hC1Rhbbc3YyksnHCi6APhm0UmzNRS-skziQt59EcVbrdmruAlJ0uJw==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 59 KB
19 KB 74ms
72ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 02:06:06 GMT
x-amz-version-id: LzlaU0Vnd12Cs3jxCUINybAdyqEMAn7y
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2041171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 28 Oct 2022 15:57:21 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Vh1bruiIFq1PYOXyiGh9A4VkHa5LPcxDKGrDURnbH-mhlObbeeQNBQ==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 91 KB
91 KB 81ms
79ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 02:20:14 GMT
x-amz-version-id: tL0mO7lwTQOm1OEDR9eN1LSlBkEAt593
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 6965123
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 92674
last-modified: Thu, 01 Sep 2022 13:18:43 GMT
server: nginx
etag: "fdee1a560ca08e3d3702e14d8f1f0b82"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JF4eoKSQCOff-HmY_J99h4FsrIMQ0cMSbmJELP7FNDYmny2vOIvYgg==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 23 KB
7 KB 110ms
109ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:21:41 GMT
x-amz-version-id: 2pklatEL_AaJDj_xEoothS7WfRGbwRnv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1611836
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 04 Nov 2022 00:27:53 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VlA6F3BvJAxZLYb4ZBYYRC7kX7oDIirFKeuKrssKajxdAjP1vzm3KQ==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 62 KB
20 KB 113ms
111ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 01:42:02 GMT
x-amz-version-id: 4419YFPoRA1JyzCepHPPe9MgW2odb2j5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 7313014
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VKVfIckPucwfL6Q6efsuZhgezNoN96m9VWB0clyCZsHM2llB-46QEA==

GET
H2 200 47.9d4808ed.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 105 KB
34 KB 116ms
114ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.9d4808ed.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

20997bd3984886e845f5a5e0d036f9808a5e30051f219705ef4e6ef1ef1b0f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: sQA7naSV8DmRN71SXAWLe8JIqPc1EcZO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:30 GMT
server: nginx
etag: W/"dfc66008c702c40fea0587f735010013"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Gk9yyHnNlz_ZpY_hsQR6DAQItyAJGErTw6k0ocopEN-9BSW5Sb2cMg==

GET
H2 200 38.5941b51c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 12 KB
4 KB 119ms
117ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.5941b51c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

62eb2106959f57e67d6a5209dc51af437b7b61a4256fd93b1a822e4d606ef9ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: ulIUWFsoBvtlhMhpYiyBmET7DahweM5Z
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:30 GMT
server: nginx
etag: W/"aa24724b97a516c589a05bc577d15db9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r82Kz4GlxEbbdiK4UCJs-UBbI50Z19zMEEAUeHEYoOd1i3oupiTVFA==

GET
H2 200 28.190877b8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 13 KB
6 KB 121ms
119ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.190877b8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:21:41 GMT
x-amz-version-id: XNe27IyH0CuVErKbmWDfSMo019HBMs8f
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1611836
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 04 Nov 2022 00:27:54 GMT
server: nginx
etag: W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Kbe7PE-pjahFYxcVaPAx7L0vRZJPMGXKMEw49FFvlPC1kz1Tm7IDkw==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 17 KB
7 KB 122ms
120ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: ru_dIwS_2HYOJkefY54PFtbtUPj4KWzL
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Sat, 05 Nov 2022 03:13:14 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1518743
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 04 Nov 2022 15:44:32 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9qZKn7CXDQBN9qRlar_LOjNPjmVpTI_jZU7pGJCn-GU1kzARMg6OKA==

GET
H2 200 9.7980313a.chunk.css
js.driftt.com/core/assets/css/ Frame 167B 14 KB
3 KB 122ms
120ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.7980313a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

146b085fcb240a04c301d265173b47e2794d3fd86c26ccb986ca01095fe8f847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 05:20:07 GMT
x-amz-version-id: mzm476FibAm1Qjw9LluE_kk_JVDGZMMz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 819930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 09 Nov 2022 18:21:19 GMT
server: nginx
etag: W/"97ab5d7bf24ef1c4f1e14801b9a510ed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _C_gX_1K5iRAaz47Pv15y5KVf_fsI8TNbQ-lSrJISEIB40witXZQ9A==

GET
H2 200 9.cc859315.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 78 KB
25 KB 124ms
122ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.cc859315.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d8bda1b0af6b698fff3f612170c79a39e2fb3ed9c4d5acd8edb34c24b746d4d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 20:02:03 GMT
x-amz-version-id: DbHa5NGznlWoo7NhUiJ3GTlZi3VjXZvj
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 680614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 14 Nov 2022 19:29:21 GMT
server: nginx
etag: W/"eae19071cebafe967627e045c973da82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wixIrstSZifXykeDkF2LYN7Ub65s1D_nLbkW9b8_q_Xt9qbBrH9mXg==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 167B 24 B
665 B 122ms
122ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 11:02:35 GMT
x-amz-version-id: 4HaliywZLTbWidTr9jxerhwMhVKcNAWE
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 4341782
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Wed, 08 Jun 2022 17:19:34 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aj0aOzjtp11A3n9rf6sDR8z-GR55xEK4CaG4BLXn736kXfqio3ueZA==

GET
H2 200 15.9c69efb8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 82 KB
21 KB 126ms
126ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.9c69efb8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

73e0e291c869fcab0c397de6a43ca086f33820ffc5405c4b1a7f95f40f25b5c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 14:06:26 GMT
x-amz-version-id: qgmad2rgNUS4tU4bZd1R7AwtJqEMZnuS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 442751
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 16 Nov 2022 21:57:13 GMT
server: nginx
etag: W/"47a1057175198df86943c8e03c67f387"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4tZ9DBc5ZkPo49aKRszueepugKURJ4ddGhi1Z1wsghvjMTNvB0wB7A==

GET
H2 200 24.c311b76f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 49 KB
13 KB 130ms
130ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.c311b76f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c693b88392df16bddd61b639994f2244b8924383119ff366da38b211815a6614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:33:53 GMT
x-amz-version-id: m3vfbPRXwvqh5sXW_HgcLSjtz.EYCGKz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Tue, 22 Nov 2022 15:49:58 GMT
server: istio-envoy
etag: W/"2267a7227af1d3df5470a1fc927f7f91"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KjOGqNyugmJERWmZhYTrKgQvBrzGuAQeHG48RgB8kB2YzLIspWlfSQ==

GET
H2 200 17.7c368973.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 39 KB
13 KB 133ms
133ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.7c368973.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2e99b0db1588a43579a468efa40eed92abfba98328fe75930bee8d1f18b79f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:33:53 GMT
x-amz-version-id: .ciJlv6CDNKqoDIAfGkQgLA7XWJsAxtb
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Tue, 22 Nov 2022 15:49:57 GMT
server: istio-envoy
etag: W/"8197d68864746fb8599945f4b32725d8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: thwMZthnz4vVq_INHDaGZnTJtA2eBUo0mcqwsVVYCGa4TSDALDNhKQ==

GET
H2 200 49.b6336d11.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 23 KB
8 KB 132ms
130ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1cb2a3ed712d8fcfa64505237ae54ffe9f2f5d293f371f40871d830891568b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: tFkawZ7Fd.jveKk2Q_grwX_qW9zyzYsf
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:30 GMT
server: nginx
etag: W/"8004ba5ba9fc99e5c559490658a3863f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ztsou6Br-kzx3NeWC5YXRQyrBQCpm7hoGatG8bjWTX00-4WSpAyAjw==

GET
H2 200 33.ae4de0a0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 36 KB
10 KB 133ms
130ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.ae4de0a0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: HixqumxK82A.kHDuHBPfmn6VAN6aPH4h
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:30 GMT
server: nginx
etag: W/"db0cd5b66c52523e10b87a0c8a2db182"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mZxz_Knqrorwam05_ysbOH5hIz6bqh5UQsQIT8MIufDUn_vK_SCvyg==

GET
H2 200 23.60057654.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 32 KB
11 KB 135ms
131ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.60057654.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

489eb2769765657c9325f65117f5c7b87ffc4eab547622608c12c8f6fd60df1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: A.jwRfFHKkUyhAxHnaTtscpVGcKmzGah
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:29 GMT
server: nginx
etag: W/"0e963aeeee70e63f5078955e6db860f3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 43fm-CVvlexPqcRGkrvDo3cWtbOJ2z9hagfy0mrpUDhGbxAqUYE5UQ==

GET
H2 200 18.2ab31195.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 17 KB
6 KB 135ms
132ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.2ab31195.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a0da3cdc4c400e5e5030c733b68bff8fddc8c4c82c2432330fa8cb858b16bd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: rKefocxJhSz0y_AilqbsDEtw7DeIdBvq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:29 GMT
server: nginx
etag: W/"09e4a870348ecb960c5807c49bbf0c16"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s3I72DzblwUZFpiX0FKDu6WaX0UiCBjO3ckBSpyQcWHe4jylrH_kNA==

GET
H2 200 40.5fa801cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 25 KB
8 KB 136ms
133ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.5fa801cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

759a08226cc8d5a5a89c64b7f814457ee6191384f30e4dc9cd123aaf279003fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: f55GXA4L3g5g9hzfUJcqjDgxYQXmhaaq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:30 GMT
server: nginx
etag: W/"e7d37d5ffc01767c10d8677c65ead60b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: X24Bk3Ey0NKC6YBohRozQ-IIav8AG5tJxManSAh4lqtn-4VAQqgMOQ==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 74 KB
23 KB 138ms
135ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 02:06:06 GMT
x-amz-version-id: MDNDeX8Ofa2_7CLpbSrobXhmTPeoBkby
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2041171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 28 Oct 2022 15:57:21 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qfwmMx0hKquWshIYiH_xL5eSulOXUO-Z52pUBcXJj23s8UK3jWOC8Q==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 59 KB
19 KB 142ms
139ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 02:06:06 GMT
x-amz-version-id: LzlaU0Vnd12Cs3jxCUINybAdyqEMAn7y
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2041171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 28 Oct 2022 15:57:21 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: evyk0rO9CxomZsw0zWkaG5N5W5VVYQYbHVSfA9xLtJ6bNSp8RVRR1Q==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 91 KB
91 KB 144ms
142ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 02:20:14 GMT
x-amz-version-id: tL0mO7lwTQOm1OEDR9eN1LSlBkEAt593
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 6965123
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 92674
last-modified: Thu, 01 Sep 2022 13:18:43 GMT
server: nginx
etag: "fdee1a560ca08e3d3702e14d8f1f0b82"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eHobPMuAl7ulb5PH36ubMt5ayFZKTIpJ-2YF57-spXRzWQ5A6zg_ig==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 23 KB
7 KB 153ms
151ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:21:41 GMT
x-amz-version-id: 2pklatEL_AaJDj_xEoothS7WfRGbwRnv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1611836
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 04 Nov 2022 00:27:53 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XezEa3ofKjeXMvhzUxOlT_qzynrWKIQdCqNoJD7wxtNru86qShm6Cg==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 62 KB
20 KB 154ms
152ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 01:42:02 GMT
x-amz-version-id: 4419YFPoRA1JyzCepHPPe9MgW2odb2j5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 7313014
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 25 Aug 2022 21:13:15 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GsandGAEcSxvPgwwmVJT9EHgjmceCDu-j6aEH_GnzN5VguNZRZWxxw==

GET
H2 200 47.9d4808ed.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 105 KB
34 KB 156ms
154ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.9d4808ed.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

20997bd3984886e845f5a5e0d036f9808a5e30051f219705ef4e6ef1ef1b0f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: sQA7naSV8DmRN71SXAWLe8JIqPc1EcZO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:30 GMT
server: nginx
etag: W/"dfc66008c702c40fea0587f735010013"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hlx_oRIjxiwi62mToxhDMG85TKdjFw7YEsjJeHU0H3fSTi5zPUbfTw==

GET
H2 200 38.5941b51c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 12 KB
4 KB 158ms
156ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.5941b51c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

62eb2106959f57e67d6a5209dc51af437b7b61a4256fd93b1a822e4d606ef9ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: ulIUWFsoBvtlhMhpYiyBmET7DahweM5Z
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:30 GMT
server: nginx
etag: W/"aa24724b97a516c589a05bc577d15db9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qKNzwtIVTuGSdrhq5qE1tcLHbVz8EseDyGyeCiD1CQQqWrgaRs8WRA==

GET
H2 200 28.190877b8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 13 KB
6 KB 159ms
156ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.190877b8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:21:41 GMT
x-amz-version-id: XNe27IyH0CuVErKbmWDfSMo019HBMs8f
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1611836
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 04 Nov 2022 00:27:54 GMT
server: nginx
etag: W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KYuVgVFUqIB4vk5W8fL1veRQbpBdeAUaR1ZG8Q-Kdm73sNK3nR8VUQ==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 17 KB
7 KB 159ms
157ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: ru_dIwS_2HYOJkefY54PFtbtUPj4KWzL
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Sat, 05 Nov 2022 03:13:14 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1518743
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 04 Nov 2022 15:44:32 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r5N5h9PXfvLnwwneeADo-7h6GhyEljulPBSi4h98TgY2iTqMyYx5bg==

GET
H2 200 9.7980313a.chunk.css
js.driftt.com/core/assets/css/ Frame FE64 14 KB
3 KB 157ms
156ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.7980313a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

146b085fcb240a04c301d265173b47e2794d3fd86c26ccb986ca01095fe8f847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 05:20:07 GMT
x-amz-version-id: mzm476FibAm1Qjw9LluE_kk_JVDGZMMz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 819930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 09 Nov 2022 18:21:19 GMT
server: nginx
etag: W/"97ab5d7bf24ef1c4f1e14801b9a510ed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v2mQ3Agox_MfST4Y2cKkL-Xp97KR5ILF_R8lN4SiDy6rNsQFjezGdw==

GET
H2 200 9.cc859315.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 78 KB
25 KB 159ms
158ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.cc859315.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d8bda1b0af6b698fff3f612170c79a39e2fb3ed9c4d5acd8edb34c24b746d4d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 20:02:03 GMT
x-amz-version-id: DbHa5NGznlWoo7NhUiJ3GTlZi3VjXZvj
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 680614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 14 Nov 2022 19:29:21 GMT
server: nginx
etag: W/"eae19071cebafe967627e045c973da82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FpYhLWL2ekHb7pWN4l_ntFBigQAbAay9nAQsC-VTw9YOzryLAwbiBA==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame FE64 24 B
666 B 159ms
157ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 11:02:35 GMT
x-amz-version-id: 4HaliywZLTbWidTr9jxerhwMhVKcNAWE
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 4341782
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Wed, 08 Jun 2022 17:19:34 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Xn5HdjXNXV_xSehj0JzlsT5u-afWFwimN-9958a51Ebgs_psjH9MMw==

GET
H2 200 15.9c69efb8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 82 KB
21 KB 161ms
160ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.9c69efb8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

73e0e291c869fcab0c397de6a43ca086f33820ffc5405c4b1a7f95f40f25b5c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 14:06:26 GMT
x-amz-version-id: qgmad2rgNUS4tU4bZd1R7AwtJqEMZnuS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 442751
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 16 Nov 2022 21:57:13 GMT
server: nginx
etag: W/"47a1057175198df86943c8e03c67f387"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: K7v9mtrKuTCemk3Hnsgw88Hs62up8EAu7CcHi4EO2mboHoEu4JoRng==

GET
H2 200 24.c311b76f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 49 KB
13 KB 162ms
161ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.c311b76f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c693b88392df16bddd61b639994f2244b8924383119ff366da38b211815a6614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:33:53 GMT
x-amz-version-id: m3vfbPRXwvqh5sXW_HgcLSjtz.EYCGKz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Tue, 22 Nov 2022 15:49:58 GMT
server: istio-envoy
etag: W/"2267a7227af1d3df5470a1fc927f7f91"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fq8gIuTAsHUhFCzlBtdr0EXi43CaP8xsQRnSlzxdmOc4MZbILlzZdA==

GET
H2 200 17.7c368973.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 39 KB
13 KB 162ms
162ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.7c368973.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2e99b0db1588a43579a468efa40eed92abfba98328fe75930bee8d1f18b79f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:33:53 GMT
x-amz-version-id: .ciJlv6CDNKqoDIAfGkQgLA7XWJsAxtb
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Tue, 22 Nov 2022 15:49:57 GMT
server: istio-envoy
etag: W/"8197d68864746fb8599945f4b32725d8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NnvLN3CBbMZKJgzQhbWxxXOW21VqBmt1_hu7hgDi-s8bpUlNqJYfxg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 9 KB
3 KB 40ms
38ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 00:41:02 GMT
x-amz-version-id: E.Le1HHD6dXp1z9JLSdA8U2RMDD.dyV2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 6711875
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 01 Sep 2022 13:18:43 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BDhlsadORi3AG7m5sITdpbOG3KbKvUk_ttOCPqMW61V17ExXmLXYuA==

GET
H2 200 26.2d4cdbd1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 34 KB
10 KB 42ms
41ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.2d4cdbd1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

71e905aff9bad1d3b5a783336fcdd013cc97beb8985e4cd2cf7d195925a48211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 01:07:20 GMT
x-amz-version-id: tM2T8akbDQhGgzKFSuMuOHHBsnaBAuDB
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 4809497
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 27 Sep 2022 17:50:21 GMT
server: nginx
etag: W/"c55d27c90bd5affbf7c7047151ac3b6a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ixLWvLUGYJXecWMI3xaCJSZmmZiucfRDGY4pg6YQFaklAmhvY8WciA==

GET
H2 200 27.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame 167B 8 KB
2 KB 41ms
39ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.9bf46b67.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 01:42:04 GMT
x-amz-version-id: o6Mn8iWshgmcy2o5f_hocRiRC01jfiMI
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 7313013
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 25 Aug 2022 21:13:13 GMT
server: nginx
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GU19SWdsY7ta3iuyrGZo_LG_RgW9J3yIKp88CeT1WA_4NSDWQL1E-A==

GET
H2 200 27.7659dd6f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 14 KB
6 KB 42ms
41ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.7659dd6f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

08d58eea55ad5fe4d16a05e54bf4d5a6c7039ded3276585ed2c8d0d6e4e3118a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 15:39:10 GMT
x-amz-version-id: K9i7o4s1sMuY5Mge2dc4_5UfBKvGpyZH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1560387
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 04 Nov 2022 15:28:39 GMT
server: nginx
etag: W/"d7b61d1b01a22d82018c40d322ce7053"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2GC7UAl_AL6ZzW4KHBfg44DA5WKIXLmZsixDeFQIPD-7T--hXTQN1w==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 167B 365 B
1008 B 41ms
40ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 03:29:14 GMT
x-amz-version-id: y7iWOn0R1U7aQ4DsTKf7rZV8hg.t2xRd
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 1863383
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Mon, 31 Oct 2022 16:19:34 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3D_vEqq0nrZZaw2unLv93FeGfKROu57cUtF8snQxcbOQIJUghzJUVA==

GET
H2 200 19.390436cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 167B 91 KB
26 KB 43ms
42ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.390436cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

14b1387a04f18b3807a637d7b856207b0a7188e9fff311474dd2b8ce486a28c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fapv5tguvsk6&eId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=14b3e2fe-91c1-41a2-ace9-a7ad92c4268c&sessionStarted=1669136736.628&campaignRefreshToken=449a49cd-5ab9-4194-b178-489aadb431da&hideController=false&pageLoadStartTime=1669136734921&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 20:02:04 GMT
x-amz-version-id: pi85TMGSx5c201S__pgE17eXzrOfbC7T
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 680613
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 14 Nov 2022 19:29:19 GMT
server: nginx
etag: W/"e769e6a1f3a8bd1b184c977ffa6e3e9a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KziDOKzf4JQXbM1OasF-YYWaWTtqRqApnmIGQZIb_AUdEOFXnkTPjA==

GET
H2 200 35.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame FE64 3 KB
1 KB 38ms
38ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/35.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:00:24 GMT
x-amz-version-id: li5JOsqqUauzAGZ0fjgKE9H7aGjkB0Kz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3377113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 14 Oct 2022 14:29:27 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l-TfpKKKGQNpJxVRtBsU9HRP-EtPFH0y9sNkLCvpPtV7hQ1cSkTiyQ==

GET
H2 200 35.438351b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 3 KB
2 KB 38ms
38ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.438351b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d3c4b1d1abee7af1529758460c464a8721f281dfc899159dc36f521534d53fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:32:27 GMT
x-amz-version-id: Ln2wXRWXCmY6q_3EWqHkHy7TVlZgdhGf
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3105190
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 17 Oct 2022 18:01:30 GMT
server: nginx
etag: W/"6d42b26d199471df6876d34dd3714424"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0vVFQ6394zfXG-bhtZ_1zOUTff9LwiBLriYliFOLe_JG7o-74tEmcg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 9 KB
3 KB 39ms
37ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 00:41:02 GMT
x-amz-version-id: E.Le1HHD6dXp1z9JLSdA8U2RMDD.dyV2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 6711875
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 01 Sep 2022 13:18:43 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vTK5m7QmGi1SY7_cfzDtaS3k8wkvgfA-IEvGriHEca1s9MnbwVYl0Q==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame FE64 7 KB
2 KB 38ms
36ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 08:31:03 GMT
x-amz-version-id: xMSMnV9tWwYbYK5vcAWtWMQdbuElelpe
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 3054874
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 17 Oct 2022 19:19:17 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cxqkdQWqkrTqRfv_h23eh26PBDFNmghhLsW72cXORQRZlUGa4LCuLA==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 54 KB
15 KB 41ms
40ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 01:16:23 GMT
x-amz-version-id: k62GB09BT0igkSmfE6Ijm4pRrmboxEaf
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2303354
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 26 Oct 2022 23:22:49 GMT
server: nginx
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RMFnG1olKmQG5x3u5TwCX9dPPESgK-ykwi3CSkSTNnx48z1cv1UHqQ==

GET
H2 200 1.fbdab3a3.chunk.css
js.driftt.com/core/assets/css/ Frame FE64 43 KB
7 KB 40ms
39ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.fbdab3a3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b22a1ebdf9aecea6f73860db0e9d184d96d28d85196efd42cfae5d8d0f103571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 17:43:15 GMT
x-amz-version-id: 9uUmxdQgGw3P_n0CkITQMBgU8ZLNWJXU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1552942
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 04 Nov 2022 15:44:30 GMT
server: nginx
etag: W/"6eae9d8917505f7858dc56cf0731728a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: t0doOtMy9eaE2UPL-s9qmJ4IhowTQ7HMlWicQ-JWIVGtqyTIVK1oIA==

GET
H2 200 1.850e66da.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 73 KB
25 KB 43ms
42ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.850e66da.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

721c262f4a94e7285dc57669e73dfcc1da0b33608e9d4815f4a061ae3dd98754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 15:39:10 GMT
x-amz-version-id: Y3ZhhRYltwWjTI8W3oU7gUPsiebH8sGz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1560387
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 04 Nov 2022 15:28:38 GMT
server: nginx
etag: W/"3598824ae2c8be769415b4f4aeaa0a4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aFQqHArxrS3S3bn5pB_p6mfsS2npkNKAVQtF2Ht35QtbFq5-N-Rf8w==

GET
H2 200 32.a3318c5e.chunk.css
js.driftt.com/core/assets/css/ Frame FE64 14 KB
3 KB 44ms
43ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.a3318c5e.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 02:07:01 GMT
x-amz-version-id: yJlKxIRxPBkwsV2KVW8rjy2H2OzEEqdR
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1609116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 04 Nov 2022 00:27:51 GMT
server: nginx
etag: W/"b06e02b360914b25e58305b1b9b954dc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Kfc5LDio9vF36JEoA0WcZQSlN18-tggv5jD797tO43awxYHpZ3dpOA==

GET
H2 200 32.02c90ef9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame FE64 12 KB
5 KB 44ms
44ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.02c90ef9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bad93b5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

968aa77906b12777060a2d8c5794c27a2642ae106bda2363c9a868749d83bc6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1669136734921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 20:02:04 GMT
x-amz-version-id: vskaoU6oW1dARdkYPWcbY4P9fXvvzxt_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 680613
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 14 Nov 2022 19:29:19 GMT
server: nginx
etag: W/"6e002280f8027b708a93eadf26041ce7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ojj0L9xyzUhjoS3RMRA0lfP4_klHmpPLVNjBGcKq1i-rfHHGAu-MNQ==

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 167B 147 B
268 B 122ms
122ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

8c4c71b0169b02ae8c5a0ba34b1acccfe2c52589f2ab3457edce9db2c7b53f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Nov 2022 17:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 166df20c90cfcf5f
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 649ms
122ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 22 Nov 2022 17:05:37 GMT
requestid: driftb20ae664ec191803b86f699f92b
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H2 200 5.cadaa863.min.js Show response
a.omappapi.com/app/js/ 9 KB
4 KB 43ms
42ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.cadaa863.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: fe91fc163743589009316454f46db67d0fe1287cc99d767b8c891e661cc0af21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: HIT
cdn-storageserver: DE-200
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Tue, 15 Nov 2022 20:55:05 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 489
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6373fca9-2509"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 02c2b602395222fc5b7111e1cec48c1d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
7 KB 49ms
49ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 1056
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Fri, 05 Aug 2022 15:30:54 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 419
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"62ed37ae-40cb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: a18a85067893b88b96f90e24e4681d17
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4.f2ffe9e7.min.js Show response
a.omappapi.com/app/js/ 20 KB
7 KB 42ms
41ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/4.f2ffe9e7.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: b2f9480f6a1703fd69ff74ba2434d456a665195b59162a45d162373ba4ec3674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Mon, 14 Nov 2022 18:33:06 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 459
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"637289e2-4f7e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f6b65cc8dff28886725ef49aeb140eae
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 13.31198538.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 49ms
48ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/13.31198538.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: c3861fd3ef70e39953663756f1d2da0fc7468988ae1d2e36ec7335c6087240ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 879
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Mon, 14 Nov 2022 19:50:38 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 175
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63729c0e-909"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 57d51e35fc51dc74a642a1140142d8b4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 20.1ca31d61.min.js Show response
a.omappapi.com/app/js/ 4 KB
2 KB 54ms
53ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/20.1ca31d61.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: e385c747398d24128c240a4f4e0607be529c26296a4802450c8188dfa3baae87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 505
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63729c0b-eca"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: a1adc673c88fab638ed308cf8e71841e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 28.7c2ba7ea.min.js Show response
a.omappapi.com/app/js/ 6 KB
3 KB 56ms
55ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/28.7c2ba7ea.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: dd1b42deed1d63005cac2bac40391754f0a092f70dd062e85a628f02ee918a64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 471
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63729c0b-1758"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5f3786d8af886663cc39a311ac7962d9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.0f634e82.min.js Show response
a.omappapi.com/app/js/ 25 KB
8 KB 59ms
58ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/10.0f634e82.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: 965fa8b470b1e97662e805a1d702a4e5c96339c9d1a8a39fd77eb252ae8cedbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 512
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63729c0b-6236"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 7e8c4176142c89a2c2b9e1582b80114f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.81ef4a11.min.js Show response
a.omappapi.com/app/js/ 7 KB
3 KB 62ms
60ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/0.81ef4a11.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: 839c21ae42126ca8a9e48f655942cbbbc211ff94ca75f7e0ae79a1cf22f68d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 1056
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 488
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63729c0b-1aa8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 9a180fb6ab11c5c2c42e497045e8240c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.8520b11d.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 84ms
82ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/9.8520b11d.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: 9625862ee4fbfc5dd16dce599111dd10fae37be370ace1d7c6aa2e7e8305dd72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 505
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63729c0b-684"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 2606609a1c7c532241563e5892c03fe3
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 11.9da7034c.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 63ms
61ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/11.9da7034c.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: c283f624330331ea2fe1ad26901978ed63c23e1288375038638fd558cda10201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 1056
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Mon, 14 Nov 2022 18:33:09 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 473
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"637289e5-7cb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8da386927a4eeb0fb66abfd2ece29f23
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 29.1c75394c.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 65ms
64ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/29.1c75394c.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: 64291ca8205f7a6497699499c83bcf2fed41389e6c63a62bd1cfaa6cf96b7784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 1056
perma-cache: HIT
cdn-storageserver: DE-169
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 471
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63729c0b-adf"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 00d441db7227d03bee79f15e00c096e2
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 27.205350b7.min.js Show response
a.omappapi.com/app/js/ 1 KB
1 KB 63ms
62ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/27.205350b7.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: 71b431588ec643cf8f700db70fdcbca462f1a820f4792885bc182f4193f65201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 1056
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 505
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63729c0b-4f6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 429f10af1c64ab87821e5da0a42a7b7e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 16.53ab7a19.min.js Show response
a.omappapi.com/app/js/ 852 B
1 KB 64ms
63ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/16.53ab7a19.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: d6e3945e297b413614f66b9bbd9bf9367dd3ba97febfdcb0c6f7e235453a6ced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 492
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63729c0b-354"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f665a32a65044f32056cc13c097e2a5e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.12278d6a.min.js Show response
a.omappapi.com/app/js/ 11 KB
4 KB 86ms
85ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/1.12278d6a.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: bbdafb884904e356dd106e4201b9c1f00682c98771152a4a0affb3e011e38c73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 879
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 505
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63729c0b-2b60"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 10a41aef4005aa095b5d042a98389617
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 22.7f83f3f7.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 84ms
83ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/22.7f83f3f7.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS1-879 /
Resource Hash: 183eab2a4c3771163b58ae7f5197995f945817c084f800f2a001dad097d45518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:05:37 GMT
content-encoding: br
cdn-edgestorageid: 1056
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 11/21/2022 23:02:12
cdn-pullzone: 293267
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
server: BunnyCDN-AMS1-879
cdn-fileserver: 506
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63729c0b-613"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: ea6ac9d66d326558897d464879702c3d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 5834 0
181 B 106ms
57ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=owmpeom&ref=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&upid=21br8ux&upv=1.1.0&gdpr=1&gdpr_consent=null
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 22 Nov 2022 17:05:37 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 7D75 0
181 B 85ms
57ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=owmpeom&ref=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&upid=21br8ux&upv=1.1.0&gdpr=1&gdpr_consent=null&ret=916
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 22 Nov 2022 17:05:37 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
37ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=660645352&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&ul=en-us&de=UTF-8&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25&el=%2Ffake-page&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=185617743.1669136736&tid=UA-33465110-1&_gid=266677562.1669136736&gtm=2wgb90TS9B9K9&z=1055318496

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 03:25:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49208
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=660645352&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&ul=en-us&de=UTF-8&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=50&el=%2Ffake-page&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=185617743.1669136736&tid=UA-33465110-1&_gid=266677562.1669136736&gtm=2wgb90TS9B9K9&z=1836247139

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 03:25:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49208
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 167B 25 B
89 B 141ms
140ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Nov 2022 17:05:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: ad3a896fa67bf3a9
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 132ms
120ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 22 Nov 2022 17:05:40 GMT
requestid: drift669d76d4e57907135dc069030f6
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 45ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MR1REW8MSK&gtm=2oeb90&_p=660645352&gdid=dZTNiMT&cid=185617743.1669136736&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1669136736&sct=1&seg=0&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&en=Websights&_ee=1&ep.optimize_id=OPT-MDVLCWQ&ep.event_label=Enriched&ep.event_category=Zoominfo&ep.non_interaction=true&ep.dimension2=69485468&ep.dimension3=State%20of%20Minnesota&ep.dimension4=business&epn.dimension5=12352000&ep.dimension6=10M%20-%2050M&epn.dimension7=100&ep.dimension8=Under%20100%20Employees&ep.dimension9=State%2CGovernment&ep.dimension10=Government&ep.dimension11=Saint%20Paul&ep.dimension12=Minnesota&ep.dimension13=United%20States&ep.dimension14=55155&_et=400
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MR1REW8MSK&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGIPzyQMbf7GFx3nT1v33qD3Y8VZ-2WTFMUG-GEvSd19blwR-SpMNPccKLY73uLrW4A3z6kss1t0fD0S-uCj280at1HjQqhvyxL09gwCKoA9g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 17:05:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame 167B 25 B
84 B 121ms
121ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Nov 2022 17:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: f4588e2e11ca5387
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 120ms
120ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 22 Nov 2022 17:05:43 GMT
requestid: drift7e97d7243c0aceab0b424b2cbbc
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capitolcanary.com/	1970-01-20 17:14:56	Name: _mkto_trk Value: id:486-VKI-494&token:_mch-capitolcanary.com-1669136735982-83590
.capitolcanary.com/	1970-01-20 17:14:56	Name: _ga_MR1REW8MSK Value: GS1.1.1669136736.1.0.1669136736.60.0.0
.ws.zoominfo.com/	1970-01-20 16:24:32	Name: visitorId Value: d31c6e1a4c8360d74a6811d688346ac16fac8060e7badac8621d517cff11bbd4
.zoominfo.com/	1970-01-20 07:38:58	Name: __cf_bm Value: x8zTklHUvNFhIZyw7MUPoBqAtbWNLLZeQi0TA11l8aI-1669136736-0-AcY7Jt49XhnK7wYvDviTyu4V1l/PL1uwdnScbFUeLQ5gMO5VO/7yhf0yIYnrJ0NSsmVhKjMDjwgFvLvLrKZe6D8=
.capitolcanary.com/	1970-01-20 09:48:32	Name: _gcl_au Value: 1.1.339487991.1669136736
.app-sj20.marketo.com/	1970-01-20 07:38:58	Name: __cf_bm Value: 1qLejiRm0LdErct1SArwtJNxdTR3mzrtvhyTY..K8GU-1669136736-0-ATgUZX0BUpA6cCmhF23hMFYfa7rANHxP48HyTeZDYNBr3BPpaufK6iGFQ/ozoZrpkKEvt7rzkOfdTUVP6ayW9B0=
.doubleclick.net/	1970-01-20 07:38:57	Name: test_cookie Value: CheckForPermission
tags.srv.stackadapt.com/	1970-01-20 16:24:32	Name: sa-user-id Value: s%3A0-7932cfc5-2c98-4052-487a-22aacef8e13b.3AZVW%2FUJcMDZPBMJzZH5MFyYURX9MTwL9qy2plR0dzE
.srv.stackadapt.com/	1970-01-20 16:24:32	Name: sa-user-id-v2 Value: s%3AeTLPxSyYQFJIeiKqzvjhO1D_B20.3I0MnQXG%2FxN5TP3Z6fPoGSUoJLAzp5vl21%2BvPVIgnxw
capitolcanary.com/	1970-01-20 16:24:32	Name: sa-user-id Value: s%253A0-7932cfc5-2c98-4052-487a-22aacef8e13b.3AZVW%252FUJcMDZPBMJzZH5MFyYURX9MTwL9qy2plR0dzE
capitolcanary.com/	1970-01-20 16:24:32	Name: sa-user-id-v2 Value: s%253AeTLPxSyYQFJIeiKqzvjhO1D_B20.3I0MnQXG%252FxN5TP3Z6fPoGSUoJLAzp5vl21%252BvPVIgnxw
.capitolcanary.com/	1970-01-20 17:14:56	Name: _ga_80CPFVSEDB Value: GS1.1.1669136736.1.0.1669136736.60.0.0
.capitolcanary.com/	1970-01-20 17:14:56	Name: _ga Value: GA1.2.185617743.1669136736
.capitolcanary.com/	1970-01-20 07:40:23	Name: _gid Value: GA1.2.266677562.1669136736
.capitolcanary.com/	1970-01-20 07:38:56	Name: _gat_UA-33465110-1 Value: 1
.capitolcanary.com/	1970-01-20 09:48:32	Name: _fbp Value: fb.1.1669136736511.674202418
capitolcanary.com/	1970-01-20 17:14:56	Name: _omappvp Value: tukKvPkMkVTdwEITvCxYHHyhOg0GnCDaRDTyNatY18yElwQVBixuWWKJnJWyPTircj59WWnYzZ6sL3RRskWCpfeqO6YmUsLI
capitolcanary.com/	1970-01-20 07:38:57	Name: _omappvs Value: 1669136736543
.capitolcanary.com/	1970-01-20 07:40:23	Name: ln_or Value: d
capitolcanary.com/	1970-01-20 07:38:58	Name: drift_campaign_refresh Value: 449a49cd-5ab9-4194-b178-489aadb431da
.linkedin.com/	1970-01-20 08:22:08	Name: UserMatchHistory Value: AQKTDmLosJB1BQAAAYSgTWGJNCr4KNRQNYIBB9QdSdgqelYccW0kRq8XZSW8F-MgCsxJrVNohw_GGQ
.linkedin.com/	1970-01-20 08:22:08	Name: AnalyticsSyncHistory Value: AQILDZ_zjJrCWQAAAYSgTWGJU7ApMoqHJENtgerWh8cx5MeFoIu8jWWmfwRUwIVIIIH_su0v0-0w51P7su6p0Q
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:24:32	Name: bcookie Value: "v=2&72626b35-d62e-491f-8a98-51928875c24c"
.linkedin.com/	1970-01-20 07:40:23	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2377:u=1:x=1:i=1669136736:t=1669223136:v=2:sig=AQE6p17fPcMJ1xb0yQJUkMQmECwtnGG6"
capitolcanary.com/	1970-01-20 16:24:32	Name: d-a8e6 Value: 5887e74f-53e3-4b62-b182-f28569396664
capitolcanary.com/	1970-01-20 07:38:57	Name: s-9da4 Value: b879df18-8961-4202-bd4d-9e06f7cef5bf
tracking.g2crowd.com/	1970-01-20 07:59:06	Name: _session_id Value: d32963fadf759892ee5fd767323d386b
.g2crowd.com/	1970-01-20 07:38:58	Name: __cf_bm Value: 770UmZMdUPz3vCg2ZBbjHpk7bCBZfGEzdf.XVH1j0LY-1669136736-0-AaU+ahrbWTMEs+SpxZLctx1p4kJF6c98TXrB4UVJf1jjbr1s/wYfeIRPBEm4LsGw0JEBP/dytE0QSH13eJm3h14=
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:24:32	Name: bscookie Value: "v=1&202211221705368a7a30e3-5f2f-4aa4-8534-540b6457f2a7AQFeviXNfU8tFXAepu6MIUwo0tp4P7xX"
.linkedin.com/	1970-01-20 11:58:08	Name: li_gc Value: MTswOzE2NjkxMzY3MzY7MjswMjGbOqmiZdqIB45fka8ybqrKOW52JMAY2PgAznA1+uFiFQ==

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGIPzyQMXARI4euQrdgqtBvyLTLdbgzPmTAyVp8VfcF6x9m6GUYBu257VpyZ8vB2g4o70EbiGY= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGIPzyQMXARI4euQrdgqtBvyLTLdbgzPmTAyVp8VfcF6x9m6GUYBu257VpyZ8vB2g4o70EbiGY= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network	error	URL: https://id.rlcdn.com/711861.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=8545/tp=CKGY/tpid=c:de54a8a53313ed66007ec528b6b71169/gdpr=0/gdpr_consent=false/?https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D120%26cm%3D%24%7Bprofile_id%7D Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-Bprp4vxw4A4CAtjkdzZM5SVQalnWbMIQKT3a/fwehsA=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

486-vki-494.mktoresp.com
a.omappapi.com
about2.capitolcanary.com
aorta.clickagy.com
api.omappapi.com
apisdk.pathmonk.com
app-sj20.marketo.com
bootstrap.api.drift.com
capitolcanary.com
cdn.linkedin.oribi.io
connect.facebook.net
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grow.clearbitjs.com
hemsync.clickagy.com
id.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
js.driftt.com
match.adsrvr.org
metrics.api.drift.com
munchkin.marketo.net
pathmonk-lib.pathmonk.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.adroll.com
script.crazyegg.com
snap.licdn.com
stats.g.doubleclick.net
sync.crwdcntrl.net
tags.clickagy.com
tags.srv.stackadapt.com
tracking.g2crowd.com
wec-assets.terminus.services
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
104.16.95.80
107.21.10.200
108.158.46.113
13.107.42.14
141.193.213.11
143.204.215.12
18.66.122.59
192.28.147.68
2001:4860:4802:32::36
216.24.57.3
23.205.237.4
2400:52e0:1e01::879:1
2600:9000:206f:3600:2:53b2:240:93a1
2600:9000:2093:2400:5:b2d2:2280:93a1
2600:9000:225e:6400:6:9280:1080:93a1
2606:4700::6810:650c
2606:4700::6812:1e49
2606:4700::6812:2eb
2606:4700::6813:9408
2620:1ec:21::14
2a00:1450:4001:801::2002
2a00:1450:4001:803::2008
2a00:1450:4001:810::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9d
2a02:26f0:480:f::213:7ec6
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:cc3:fe04:4055:d9ad:e415:742b
3.216.203.91
3.248.87.83
3.33.220.150
35.244.174.68
44.195.195.43
52.184.251.130
54.147.21.139
54.76.219.51
65.9.65.116
00dc3e3e836bb5f63188a35f1612f81c787085926dfc064ef479ef19adb5cf92
0331377fb85665cbff162ae49885e3b4e9e94f8568065c551c5556e5dcc0d6dc
03c1bc6cec5b212cf9832c2b1c54ab014e6cb9b0fff393c8cd698febe472012f
05c78d6a2624f38e659dfad31d402bbda31897361e2ea1a4ef04bd1e78d41b85
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
08aae9a8ab692ff09afb7d64586796411846f542beb71cbac84652c841e3e4b3
08d58eea55ad5fe4d16a05e54bf4d5a6c7039ded3276585ed2c8d0d6e4e3118a
0a4a68011410d87295e6c0beca23809f99ad75b1151922daa40a7e1a28d7521a
0aa5201729bac890535667e48073ab88a75040b0858a54292ec020832e4aee24
0b8acc0c1a541b4572172f8c39ff60f586962fa6bb9f1edd840d1d77da1d3818
0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025
0e23ae12acc4e0682e994aea25d669a2eb2c3b23227cbf481a0561ad36cbf62e
0fef79f02963a95547204728088b53f828310d23db1371f5402e368562ae1028
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
13031d4ec04980984b56e9152739c608e15fcda23007e524117198f054385eb6
146b085fcb240a04c301d265173b47e2794d3fd86c26ccb986ca01095fe8f847
14b1387a04f18b3807a637d7b856207b0a7188e9fff311474dd2b8ce486a28c0
183eab2a4c3771163b58ae7f5197995f945817c084f800f2a001dad097d45518
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1cb2a3ed712d8fcfa64505237ae54ffe9f2f5d293f371f40871d830891568b88
1df8b4fb8cc235e84595dbb9376181d2b8fce1ed6f7ce1430fa99f203da638a6
1e8190419619e17bcebc2396df4b657f199190022ec1e4b17a9283024258913e
20997bd3984886e845f5a5e0d036f9808a5e30051f219705ef4e6ef1ef1b0f55
2203c94fd25a08e138d90bbb6eb603afdd9559f76fda2c2942441e624a772d19
2490e3c50e40eb0dc7ee7938faab952b6fc060473df60590ce4e32a504d7325e
24d9e96411f85aaf840cb0db9ee24594ae35996cef4e69906ea18d6fb268db8f
250a093f7e99e4da00e86ea8ab8301c6dd652d8a47c519e3d8f37644807ff549
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
297b11b73f279cda0fd0e85dff57794632a55303e6a08fa2b8b4fd03df1a2030
2e99b0db1588a43579a468efa40eed92abfba98328fe75930bee8d1f18b79f1d
2f4794aed81240b36ae426759588a1d6a7762b0dc9deed3a00046086d986f2dc
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
306b0d4768246ba448fa14872f6b5d7dcfcf3734fb3c9b68f9041cf86884c6ce
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3df1caa518a23d4a674e208e52851a6c423b319e9d0509ef5119272bb409619d
3f85f9f44568e096e459e14198c1600cb30afccaf85d181e034c340154e11772
419d6e9bdaf94d2758192e1312e13ffc6b885f2c37a36734f1dd414abee83a2c
45bd57a08f2ab75688b262993ca9687a1997df152860a1c146b863751719a6e6
489eb2769765657c9325f65117f5c7b87ffc4eab547622608c12c8f6fd60df1b
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5af5133459a08aaab60f1340c731b242ee78b77d9143f76c47101c04dc900d48
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
60bd153e96e839cf4297dbcc8bf52c7cca9b12ddc969abb8b5d932550f223dd0
62eb2106959f57e67d6a5209dc51af437b7b61a4256fd93b1a822e4d606ef9ce
63d6347d7105db282ca81c10db370efa15fc1b564f9c17cf35c608edde582e4d
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
64291ca8205f7a6497699499c83bcf2fed41389e6c63a62bd1cfaa6cf96b7784
67945bb1a1d03c7896b446da7780f9d85108094515e39c21ebb22c5c808117c5
6977fc5b8805e75ff4e95ff35fec37df6b793165bb1c55926cb34c908726d8d8
698cd435eec4c16ebf0fc24cf4dd5aca96d7b96a1b017742f5a98b403a4a6b92
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
6e918cd178f2903145652818e334f51f4c3808f6136f38d37400be6a30238d41
6ef3a96924cdd39f4ebd6efe627eab4d9ad621850e29abcc0b8b6d65cbe95268
71b431588ec643cf8f700db70fdcbca462f1a820f4792885bc182f4193f65201
71e905aff9bad1d3b5a783336fcdd013cc97beb8985e4cd2cf7d195925a48211
721c262f4a94e7285dc57669e73dfcc1da0b33608e9d4815f4a061ae3dd98754
73e0e291c869fcab0c397de6a43ca086f33820ffc5405c4b1a7f95f40f25b5c1
759a08226cc8d5a5a89c64b7f814457ee6191384f30e4dc9cd123aaf279003fd
7984e9e9681d142e69fdb34546a5982a2a92bdf71c42ccf3a0626387908f42a8
7ad9ef3a4bc35c8e26b515b58bfa16be478746a7716c91b69c5d53222986f959
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d8f9f49d3876ee779a842453bf2fce64102ebb39ee06b87018573b41d6458e7
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c21ae42126ca8a9e48f655942cbbbc211ff94ca75f7e0ae79a1cf22f68d3e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
88a7f2522dd8c93c1f5007fcbcd059cff32a895cdab67e4d0398e94e950fbb65
89883270ecd3fd6c1f20edf2008ed776a34c017f95ce34ccf1568c900c302474
8bfcec07978309844d788b4ade223b49ba0be250c0da82fa94d7477842db1e6a
8c4c71b0169b02ae8c5a0ba34b1acccfe2c52589f2ab3457edce9db2c7b53f58
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
9625862ee4fbfc5dd16dce599111dd10fae37be370ace1d7c6aa2e7e8305dd72
965fa8b470b1e97662e805a1d702a4e5c96339c9d1a8a39fd77eb252ae8cedbd
968aa77906b12777060a2d8c5794c27a2642ae106bda2363c9a868749d83bc6f
96dec63fd944241d18ec974da0808f68fffd2624424237c1a24b5fe36b6374e2
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a0da3cdc4c400e5e5030c733b68bff8fddc8c4c82c2432330fa8cb858b16bd85
a193d96b7c6ae5f2af4f2f30a4cb64847d98089b3abe820f3d99c743e64940e1
a55d0c890c624efdb6eeac4f492c995e7a348b1c070a40d960b028ecea05b31f
a83e5546eeacb459a6444dfd0cbb5ca8cdb7b3f999954d2c554013f3a7f9694b
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22a1ebdf9aecea6f73860db0e9d184d96d28d85196efd42cfae5d8d0f103571
b2f9480f6a1703fd69ff74ba2434d456a665195b59162a45d162373ba4ec3674
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b600f1dc62b172effa1611f27da2410354b23d9bc79f34a525821752fafcde83
b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b997771b977af3bec6771596b6226b9d56c25a96ac5a321f925b369e4fd18e28
bbdafb884904e356dd106e4201b9c1f00682c98771152a4a0affb3e011e38c73
bcab47f7ecc09894e162123c7a1ab34493022f3cf0d93006dbb2200d9e83d8ad
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c283f624330331ea2fe1ad26901978ed63c23e1288375038638fd558cda10201
c3861fd3ef70e39953663756f1d2da0fc7468988ae1d2e36ec7335c6087240ea
c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c693b88392df16bddd61b639994f2244b8924383119ff366da38b211815a6614
c7d804b72efc14f38f31f36d27208604ce426c1fcc0d75bc5cd8da0dbcb33c25
c89a8bee77d21587af1a9e0dcd26a779b62436084eaf136c354ff1bf39f2c280
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cfb7ed752bcc08ab3de3ea23df456b270d5c8c5765fc5169333812cd3f2d5b7d
cfe027020696c17e347c93e23e60de05056c2b7c6763bb31e168f073d8dd421a
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d3c4b1d1abee7af1529758460c464a8721f281dfc899159dc36f521534d53fc6
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d6e3945e297b413614f66b9bbd9bf9367dd3ba97febfdcb0c6f7e235453a6ced
d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
d8bda1b0af6b698fff3f612170c79a39e2fb3ed9c4d5acd8edb34c24b746d4d5
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd1b42deed1d63005cac2bac40391754f0a092f70dd062e85a628f02ee918a64
dd80297ae38d12c4041a0aa9d237f84c79b70d04be411fc45c45605b19e1288c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e051e0747e00cbf46985db2f3d8017641dd2e9bb729dfbddd01b99ab0d3983f5
e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab
e385c747398d24128c240a4f4e0607be529c26296a4802450c8188dfa3baae87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e5d1ee4046ceeb81d3e43309d053b423b87018e60c4cf0dd8ee7c5d3e9e90465
e676617776908abf0fdff4b2c58d3dd18f187ddce306d3857966b2cf7aa64bb1
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
f2ea6f7fef85c34966443f26f211f936fdb27746401ee96156888d52c56493ad
f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc
f575d629b539dfe8d8925621fa60729e64e64ae2a6ca371c215d560710bb61f8
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb
fd42f5805c4aceed8fd4482f9b87d0fd7fd05eb8d90eeb318952dd665a446999
fe91fc163743589009316454f46db67d0fe1287cc99d767b8c891e661cc0af21
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

capitolcanary.com Open in urlscan Pro 141.193.213.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

204 Requests

97 %HTTPS

55 %IPv6

32 Domains

45 Subdomains

41 IPs

7 Countries

2267 kBTransfer

6705 kBSize

32 Cookies

3 Outgoing links

Page URL History

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

capitolcanary.com Open in urlscan Pro
141.193.213.11 Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

97 %
HTTPS

55 %
IPv6

32
Domains

45
Subdomains

41
IPs

7
Countries

2267 kB
Transfer

6705 kB
Size

32
Cookies

204 HTTP transactions
0 data transactions