www.digitalshadows.com Open in urlscan Pro
2600:9000:2156:9000:9:91af:d140:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIj...
Submission: On October 08 via manual (October 8th 2020, 1:33:05 pm UTC) from US

Summary HTTP 146 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 34 domains to perform 146 HTTP transactions. The main IP is 2600:9000:2156:9000:9:91af:d140:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.digitalshadows.com.
TLS certificate: Issued by Amazon on July 29th 2020. Valid for: a year.

This is the only time www.digitalshadows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2600:9000:215... 2600:9000:2156:9000:9:91af:d140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
5	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0b	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
2	2a02:26f0:10c... 2a02:26f0:10c:5a4::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	52.60.165.183 52.60.165.183	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	104.16.95.80 104.16.95.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
3	52.84.112.70 52.84.112.70	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:203... 2600:9000:203c:f600:12:53a8:95c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
2	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.109.95.62 104.109.95.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	104.111.239.158 104.111.239.158	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:92c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.13.202.201 162.13.202.201	15395 (RACKSPACE...) (RACKSPACE-LON)
2	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
2	134.213.193.62 134.213.193.62	15395 (RACKSPACE...) (RACKSPACE-LON)
10	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
4	99.86.243.77 99.86.243.77	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	3.220.228.61 3.220.228.61	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:10c... 2a02:26f0:10c:58e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 12	23.210.248.216 23.210.248.216	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
27 36	52.30.34.11 52.30.34.11	16509 (AMAZON-02) (AMAZON-02)
2	52.59.102.119 52.59.102.119	16509 (AMAZON-02) (AMAZON-02)
1 3	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	38.133.127.31 38.133.127.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 3	18.158.113.203 18.158.113.203	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1 3	3.123.111.134 3.123.111.134	16509 (AMAZON-02) (AMAZON-02)
1 3	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	35.221.11.9 35.221.11.9	15169 (GOOGLE) (GOOGLE)
146	41

26 2600:9000:2156:9000:9:91af:d140:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.digitalshadows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a01:4a0:1338:28::c38a:ff0b (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:5a4::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.60.165.183 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-60-165-183.ca-central-1.compute.amazonaws.com

resources.digitalshadows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.95.80 (United States)

ASN13335 (CLOUDFLARENET, US)

app-lon04.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.84.112.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-112-70.sof50.r.cloudfront.net

content.cdntwrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:203c:f600:12:53a8:95c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cihost.uberflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x00f.map2.ssl.hwcdn.net

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.109.95.62 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-95-62.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.239.158 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-158.deploy.static.akamaitechnologies.com

lonrtp1-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:92c (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.13.202.201 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

lonrtp1.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 134.213.193.62 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

457-xey-671.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.96.102.137 (United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.243.77 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-77.vie50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.228.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-228-61.compute-1.amazonaws.com

flipbot.uberflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:10c:58e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.210.248.216 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-216.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 52.30.34.11 (Dublin, Ireland) 27 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-34-11.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.102.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-102-119.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.249.164 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 38.133.127.31 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.158.113.203 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-113-203.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom) 2 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.123.111.134 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-111-134.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.240 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.221.11.9 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 9.11.221.35.bc.googleusercontent.com

r2.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	adroll.com 27 redirects s.adroll.com d.adroll.com	56 KB
31	digitalshadows.com www.digitalshadows.com resources.digitalshadows.com	4 MB
12	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com r2.visualwebsiteoptimizer.com	92 KB
11	marketo.com app-lon04.marketo.com lonrtp1-cdn.marketo.com rtp-static.marketo.com lonrtp1.marketo.com	233 KB
10	uberflip.com cihost.uberflip.com flipbot.uberflip.com	193 KB
7	typekit.net use.typekit.net p.typekit.net	50 KB
4	outbrain.com 2 redirects sync.outbrain.com	1 KB
4	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
4	licdn.com snap.licdn.com	6 KB
4	driftt.com js.driftt.com	91 KB
4	marketo.net munchkin.marketo.net	13 KB
4	gstatic.com fonts.gstatic.com	38 KB
3	openx.net 1 redirects us-u.openx.net	585 B
3	adnxs.com 1 redirects ib.adnxs.com	3 KB
3	bidswitch.net 1 redirects x.bidswitch.net	1 KB
3	3lift.com 1 redirects eb2.3lift.com	1 KB
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com	3 KB
3	cdntwrk.com content.cdntwrk.com	355 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	2 KB
2	yahoo.com 2 redirects ads.yahoo.com	1 KB
2	taboola.com sync.taboola.com	435 B
2	pubmatic.com simage2.pubmatic.com	2 KB
2	rubiconproject.com pixel.rubiconproject.com	478 B
2	advertising.com pixel.advertising.com	249 B
2	consensu.org 2 redirects d.adroll.mgr.consensu.org	275 B
2	mktoresp.com 457-xey-671.mktoresp.com	786 B
2	googletagmanager.com www.googletagmanager.com	88 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	38 KB
1	google-analytics.com www.google-analytics.com	18 KB
1	ipapi.co ipapi.co	765 B
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	fontawesome.com use.fontawesome.com	14 KB
1	unpkg.com unpkg.com	7 KB
146	34

	Domain	Requested by
34	d.adroll.com	25 redirects www.digitalshadows.com resources.digitalshadows.com
26	www.digitalshadows.com	www.digitalshadows.com content.cdntwrk.com
12	s.adroll.com	2 redirects www.googletagmanager.com www.digitalshadows.com s.adroll.com d.adroll.com resources.digitalshadows.com
10	dev.visualwebsiteoptimizer.com	www.digitalshadows.com dev.visualwebsiteoptimizer.com
9	cihost.uberflip.com	resources.digitalshadows.com cihost.uberflip.com
5	resources.digitalshadows.com	www.digitalshadows.com content.cdntwrk.com resources.digitalshadows.com
5	use.typekit.net	www.digitalshadows.com use.typekit.net resources.digitalshadows.com
4	sync.outbrain.com	2 redirects www.digitalshadows.com resources.digitalshadows.com
4	snap.licdn.com	www.googletagmanager.com snap.licdn.com
4	js.driftt.com	resources.digitalshadows.com www.digitalshadows.com js.driftt.com
4	lonrtp1.marketo.com	lonrtp1-cdn.marketo.com
4	rtp-static.marketo.com	lonrtp1-cdn.marketo.com
4	munchkin.marketo.net	www.digitalshadows.com munchkin.marketo.net
4	fonts.gstatic.com	fonts.googleapis.com
3	us-u.openx.net	1 redirects www.digitalshadows.com resources.digitalshadows.com
3	ib.adnxs.com	1 redirects www.digitalshadows.com resources.digitalshadows.com
3	x.bidswitch.net	1 redirects www.digitalshadows.com resources.digitalshadows.com
3	eb2.3lift.com	1 redirects www.digitalshadows.com resources.digitalshadows.com
3	dsum-sec.casalemedia.com	1 redirects www.digitalshadows.com resources.digitalshadows.com
3	px.ads.linkedin.com	1 redirects www.digitalshadows.com resources.digitalshadows.com
3	content.cdntwrk.com	resources.digitalshadows.com
3	fonts.googleapis.com	www.digitalshadows.com resources.digitalshadows.com cihost.uberflip.com
2	r2.visualwebsiteoptimizer.com	dev.visualwebsiteoptimizer.com
2	cm.g.doubleclick.net	2 redirects
2	ads.yahoo.com	2 redirects
2	sync.taboola.com	www.digitalshadows.com resources.digitalshadows.com
2	simage2.pubmatic.com	www.digitalshadows.com resources.digitalshadows.com
2	pixel.rubiconproject.com	www.digitalshadows.com resources.digitalshadows.com
2	pixel.advertising.com	www.digitalshadows.com resources.digitalshadows.com
2	d.adroll.mgr.consensu.org	2 redirects
2	457-xey-671.mktoresp.com	munchkin.marketo.net
2	www.googletagmanager.com	resources.digitalshadows.com www.digitalshadows.com
2	lonrtp1-cdn.marketo.com	www.digitalshadows.com resources.digitalshadows.com
2	stackpath.bootstrapcdn.com	resources.digitalshadows.com
2	p.typekit.net	use.typekit.net
1	www.linkedin.com	1 redirects
1	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	flipbot.uberflip.com	content.cdntwrk.com
1	ipapi.co	www.digitalshadows.com
1	cdnjs.cloudflare.com	resources.digitalshadows.com
1	use.fontawesome.com	resources.digitalshadows.com
1	unpkg.com	resources.digitalshadows.com
1	app-lon04.marketo.com	www.digitalshadows.com
146	43

This site contains links to these domains. Also see Links.

Domain
resources.digitalshadows.com
info.digitalshadows.com
portal-digitalshadows.com
news.yahoo.com
www.zdnet.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
www.digitalshadows.com Amazon	`2020-07-29` - `2021-08-29`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
san1109.cdntwrk.com Let's Encrypt Authority X3	`2020-08-11` - `2020-11-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
app-lon04.marketo.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
content.cdntwrk.com DigiCert SHA2 Secure Server CA	`2020-04-07` - `2021-01-11`	9 months	crt.sh
*.uberflip.com Amazon	`2020-08-04` - `2021-09-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.marketo.com DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
flipbot.uberflip.com Let's Encrypt Authority X3	`2020-09-16` - `2020-12-15`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2020-10-04` - `2021-03-31`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-08-11` - `2021-12-31`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Frame ID: 6FE24B311D9F1FE87A9CA3D57A07909F
Requests: 84 HTTP requests in this frame

Frame: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Frame ID: 044B2C01A32B9F00E1E0965244326F5A
Requests: 60 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 25BE5B2BCA4F914C3D974CE0614C3498
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: ED04DE08B1AEA7AB2796D3F966334B60
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

146
Requests

99 %
HTTPS

41 %
IPv6

34
Domains

43
Subdomains

41
IPs

7
Countries

5733 kB
Transfer

10359 kB
Size

20
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://resources.digitalshadows.com/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Title: Resources Center

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/DigitalRiskProtection-Practitioner-Navigation.html?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Title: Practical Guide to Digital Risk

Search URL Search Domain Scan URL

URL: https://resources.digitalshadows.com/weekly-intelligence-summary?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Title: Intelligence Summary

Search URL Search Domain Scan URL

URL: https://resources.digitalshadows.com/whitepapers-and-reports?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Title: Research Reports

Search URL Search Domain Scan URL

URL: https://resources.digitalshadows.com/podcast-shadow-talk?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Title: ShadowTalk Podcast

Search URL Search Domain Scan URL

URL: https://portal-digitalshadows.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/DemoRequest-Website-Button.html?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Title: Request Demo

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/test-drive-registration-HB.html?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Title: Try For Free

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/exclusive-dhs-warns-of-fake-election-websites-potentially-tied-to-criminals-foreign-actors-221029900.html
Title: warned Internet users of potentially malicious domains

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/google-removes-106-chrome-extensions-for-collecting-sensitive-user-data/
Title: Google removed 106 Chrome extensions

Search URL Search Domain Scan URL

URL: https://resources.digitalshadows.com/phishing-protection?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Title: Phishing Protection resources center page

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/test-drive-registration-blognewsad.html?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Title: Try It Now

Search URL Search Domain Scan URL

URL: https://www.facebook.com/digitalshadows/

Search URL Search Domain Scan URL

URL: https://twitter.com/digitalshadows

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/2284467/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCqgjXfx8uDkDZgmKHmqZQvw

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/test-drive-registration-footer.html?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Title: Try For Free

Search URL Search Domain Scan URL

URL: https://resources.digitalshadows.com/customer-stories?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Title: Customer Stories

Search URL Search Domain Scan URL

URL: https://info.digitalshadows.com/DigitalRiskProtection-Practitioner-FooterNav.html?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Title: Practical Guide to Digital Risk

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1602163963232&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2017233%26time%3D1602163963232%26url%3Dhttps%253A%252F%252Fwww.digitalshadows.com%252Fblog-and-research%252Frevisiting-typosquatting-and-the-2020-us-presidential-election%252F%253Fmkt_tok%253DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1602163963232&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D&liSync=true

Request Chain 91

https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 93

https://d.adroll.mgr.consensu.org/consent/iabcheck/M2GUWUTBBJFFRJ7RPYG7FT?_s=abb59444a4b77b5aa6ff6d86c0bd380c&_b=2 HTTP 302
https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=abb59444a4b77b5aa6ff6d86c0bd380c&_b=2

Request Chain 95

https://d.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&pv=36016951512.946724&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/IANINNYENVANJHID2VKV5Q.js

Request Chain 97

https://d.adroll.com/cm/aol/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 98

https://d.adroll.com/cm/index/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expiration=1633699963 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expiration=1633699963&C=1

Request Chain 99

https://d.adroll.com/cm/n/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expires=365

Request Chain 100

https://d.adroll.com/cm/outbrain/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&rdrctExp=true

Request Chain 101

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 102

https://d.adroll.com/cm/taboola/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

Request Chain 103

https://d.adroll.com/cm/triplelift/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 104

https://d.adroll.com/cm/r/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 105

https://d.adroll.com/cm/b/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

Request Chain 106

https://d.adroll.com/cm/x/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

Request Chain 108

https://d.adroll.com/cm/o/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=52ac46f5fb4a69bca6cb469c8033c1cf HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=52ac46f5fb4a69bca6cb469c8033c1cf

Request Chain 109

https://d.adroll.com/cm/g/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=UqxG9ftKabymy0acgDPBzw HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=UqxG9ftKabymy0acgDPBzw&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 118

https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 120

https://d.adroll.mgr.consensu.org/consent/iabcheck/M2GUWUTBBJFFRJ7RPYG7FT?_s=62aaf7b484de96462d9399d613dff637&_b=2 HTTP 302
https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=62aaf7b484de96462d9399d613dff637&_b=2

Request Chain 121

https://d.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&pv=68594175848.280914&cookie=&adroll_s_ref=https%3A//www.digitalshadows.com/&keyw= HTTP 302
https://s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/DTU3QQ67CZHH7PXZJ5SXHH.js

Request Chain 124

https://d.adroll.com/cm/aol/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 125

https://d.adroll.com/cm/index/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expiration=1633699964

Request Chain 126

https://d.adroll.com/cm/n/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expires=365

Request Chain 127

https://d.adroll.com/cm/outbrain/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&rdrctExp=true

Request Chain 128

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 129

https://d.adroll.com/cm/taboola/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

Request Chain 130

https://d.adroll.com/cm/triplelift/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&dongle=c85e

Request Chain 132

https://d.adroll.com/cm/r/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 133

https://d.adroll.com/cm/b/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

Request Chain 134

https://d.adroll.com/cm/x/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

Request Chain 136

https://d.adroll.com/cm/o/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=52ac46f5fb4a69bca6cb469c8033c1cf

146 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/ 869 KB
62 KB 68ms
39ms Document
text/html 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

DS /

Resource Hash

b036e1dbcb509ddd7e2ce187b8661f0dcc75e6f76f8097dd02112c7ae1f259a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .marketo.com munchkin.marketo.net .google-analytics.com www.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net use.typekit.net https://js.driftt.com https://static.hotjar.com https://script.hotjar.com https://tagmanager.google.com .adroll.com https://d.adroll.mgr.consensu.org https://snap.licdn.com https://.visualwebsiteoptimizer.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .marketo.com .typekit.net unpkg.com https://tagmanager.google.com; img-src * data:; connect-src 'self' .marketo.com .mktoresp.com api.ipstack.com https://ipapi.co https://.hotjar.com: https://vc.hotjar.io:* wss://.hotjar.com https://.visualwebsiteoptimizer.com; child-src 'self' https://vars.hotjar.com; font-src 'self' data: fonts.gstatic.com use.typekit.net unpkg.com https://script.hotjar.com; form-action .marketo.com; frame-src resources.digitalshadows.com .marketo.com www.youtube.com www.slideshare.net w.soundcloud.com https://js.driftt.com https://vars.hotjar.com https://mitre-attack.github.io
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.digitalshadows.com
:scheme: https
:path: /blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html
x-amz-id-2: hz9WCp8LdW5+G+A8NIebzzUqOvMfYK58SwpsGIlZ8t6WA1c+3weZRAuan1csbgQ6EE1KldZETOA=
x-amz-request-id: 44CB8F562121DC7E
last-modified: Thu, 08 Oct 2020 08:49:29 GMT
server: DS
content-encoding: gzip
date: Thu, 08 Oct 2020 13:31:16 GMT
etag: "f5b2fa45923de3754171de92794c28c4"
vary: Accept-Encoding
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.marketo.com munchkin.marketo.net *.google-analytics.com www.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net use.typekit.net https://js.driftt.com https://static.hotjar.com https://script.hotjar.com https://tagmanager.google.com *.adroll.com https://d.adroll.mgr.consensu.org https://snap.licdn.com https://*.visualwebsiteoptimizer.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.marketo.com *.typekit.net unpkg.com https://tagmanager.google.com; img-src * data:; connect-src 'self' *.marketo.com *.mktoresp.com api.ipstack.com https://ipapi.co https://*.hotjar.com:* https://vc.hotjar.io:* wss://*.hotjar.com https://*.visualwebsiteoptimizer.com; child-src 'self' https://vars.hotjar.com; font-src 'self' data: fonts.gstatic.com use.typekit.net unpkg.com https://script.hotjar.com; form-action *.marketo.com; frame-src resources.digitalshadows.com *.marketo.com www.youtube.com www.slideshare.net w.soundcloud.com https://js.driftt.com https://vars.hotjar.com https://mitre-attack.github.io
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Hit from cloudfront
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0Rz52NNeE60FTZSdK9KgO6H5Yf47_hIrX0rkaFtBm5GnXWRJIuISzQ==

GET
H2 200 style.min.css
www.digitalshadows.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 15ms
12ms Stylesheet
text/css 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 09:08:11 GMT
server: AmazonS3
age: 16900
etag: W/"2e7e1d1c1d4d446a1b6b63295757d859"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: SHBs7M8adhGFG-YFqSkZdhDqQcI7N39nij8qusyB7JNkdhoc8kLk0w==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 blocks.style.build.css
www.digitalshadows.com/wp-content/plugins/metronet-profile-picture/dist/ 27 KB
3 KB 16ms
13ms Stylesheet
text/css 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.3.11
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57cd1d26474ce5b3da3a5167accb4460197ae0e15a10d99dabb3e0ac35510bfc

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
content-encoding: gzip
last-modified: Mon, 13 Apr 2020 19:08:25 GMT
server: AmazonS3
age: 16900
etag: W/"e7917e087b5d4a93bac981089a689b5a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: hI8jEmQ0LlNYoNIZr7EIkCUjOl2IOe03ec96l6t_hqh5qGLhuUVgDA==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 cookie-law-info-public.css
www.digitalshadows.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 4 KB
2 KB 16ms
13ms Stylesheet
text/css 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-public.css?ver=2.3.0
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe73b01b5ce1a6a3a27e01685c699fb946032a9d2de1f45c69683b370b7df9d7

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 09:08:11 GMT
server: AmazonS3
age: 16900
etag: W/"698bbc80a0c7cb9f198a939830d34008"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 5mPXRd9z_d9I3M9YaITh1bK_US_D5dxoVI68lcXifBXZ52yrSdHjQg==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 cookie-law-info-gdpr.css
www.digitalshadows.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 21 KB
5 KB 17ms
14ms Stylesheet
text/css 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-gdpr.css?ver=2.3.0
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d465ec0d8b0af3ae0c868b2846850adcd873264a2ae17fd5034b429986b96cb

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 09:08:11 GMT
server: AmazonS3
age: 16900
etag: W/"582f86409632b23c55930dff1706ce93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6e1YrKOeXQJzt5WtCPIrwq1Wggq9-TPEYlPIYuZNVBD_DthoLz9P5Q==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 cookieconsent.min.css
www.digitalshadows.com/wp-content/themes/digital-shadows/assets/css/ 4 KB
1 KB 20ms
17ms Stylesheet
text/css 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets/css/cookieconsent.min.css?ver=1.0.0
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2017 18:33:43 GMT
server: AmazonS3
age: 16900
etag: W/"4affda653d65484bf6983822fa6adb23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0H9DiR5aY6dhjWQPhxa_ncr5k0bWrJJJ59sppzTHAqJk1_1de48SGA==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 ds-fixes.css
www.digitalshadows.com/wp-content/themes/digital-shadows/assets/css/ 4 KB
1 KB 22ms
19ms Stylesheet
text/css 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets/css/ds-fixes.css?ver=1.2.0
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3101ddc4c642e7c965f0ab56c14e23e18100b336024d11aeb9cd6175812189be

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 17:42:12 GMT
server: AmazonS3
age: 16900
etag: W/"f96e53c11a167210b5be28fb7efc144a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0mzt0iNG2M1ylIAUFxd2Wi_a8OWAp_2z_-KDnW6CsmRWZua4jFCEBg==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 test-drive-section.min.css
www.digitalshadows.com/wp-content/themes/digital-shadows/assets/css/ 3 KB
1 KB 17ms
14ms Stylesheet
text/css 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets/css/test-drive-section.min.css?ver=1.0.0
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f942cfe26179e7c55d2de1dfb1930f960a30610926f1f5d2026f294676400d7

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
content-encoding: gzip
last-modified: Thu, 27 Sep 2018 15:30:43 GMT
server: AmazonS3
age: 16900
etag: W/"43b8c8d32ebb175b6af2340cdca8fba6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: v9Ats4VjoksdtL11_mPMCLW3M_pFBQPVdwhELhBgvjqIgImEujcmdg==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 main.d71f170f49f08f1af34f.css
www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/styles/ 263 KB
43 KB 44ms
42ms Stylesheet
text/css 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/styles/main.d71f170f49f08f1af34f.css?ver=5.5.1
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09fc85010c1f0f2baeb8b3ca5965ddb4e76bb09fd2746746eabfee710b59e586

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
content-encoding: gzip
last-modified: Fri, 14 Aug 2020 17:06:24 GMT
server: AmazonS3
age: 16900
etag: W/"341b82aaa2f6119998f429230f7be50a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Y6s3nyKjNHItuaj69TuNYs-pUa2E86l_4ehTArTU111HsnSwXHjwxw==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 jquery.js Show response
www.digitalshadows.com/wp-includes/js/jquery/ 95 KB
33 KB 17ms
15ms Script
application/javascript 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
content-encoding: gzip
last-modified: Mon, 13 Apr 2020 19:08:26 GMT
server: AmazonS3
age: 16900
etag: W/"49edccea2e7ba985cadc9ba0531cbed1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fP4gjGCv9Mj8qTHq9fWzODWCQxMWwe22aHZ4rggqGO1zFkArKYgbtg==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 jquery.cookie.js Show response
www.digitalshadows.com/wp-content/plugins/sitepress-multilingual-cms/res/js/ 3 KB
1 KB 20ms
19ms Script
application/javascript 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/plugins/sitepress-multilingual-cms/res/js/jquery.cookie.js?ver=4.4.0
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f7e0fc0541ef13ade8dfbd9de3a7e2a6d0d66f125a89a80e0f76d2a92f26306

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
content-encoding: gzip
last-modified: Thu, 24 Sep 2020 08:41:27 GMT
server: AmazonS3
age: 16900
etag: W/"ad10cd46a043368685a36a611490d08e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PiuXD7QWaFvm31AtbicV0Ew229w2Jb5iNRyjk14iJHKSORFxt5A6FA==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 language-cookie.js Show response
www.digitalshadows.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ 227 B
563 B 19ms
17ms Script
application/javascript 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.4.0
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0c6a55fbd3e75031909f5cb7bb05b561313edae55c5657e5435c8a9623adcb5

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Thu, 24 Sep 2020 08:41:27 GMT
server: AmazonS3
age: 16900
etag: "fdd67d0316e33e8f57f8e3cbeaf5b490"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 227
x-amz-cf-id: ROJUmPfrsCwJihfcWUZE0grYpQbv8aXeWN9gjwx6qO-yrtVC7QUGVw==

GET
H2 200 cookie-law-info-public.js Show response
www.digitalshadows.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/ 45 KB
11 KB 19ms
18ms Script
application/javascript 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js?ver=2.3.0
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce2eab0cad67171876a0fae4daecd644c0cf7805be51e4379430a96a1e213c1c

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 09:08:11 GMT
server: AmazonS3
age: 16900
etag: W/"9ba386c42370e3a8edbc845baba13f0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: oHLcNDGQtstekSr37Mmujcm3NAKNruPW_2GOCGFaul7kn4TCW0xwkw==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 logo.svg
www.digitalshadows.com/wp-content/themes/digital-shadows/assets/images/ 3 KB
2 KB 9ms
9ms Image
image/svg+xml 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets/images/logo.svg
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47036c6546adb51c4a0f5c80986edcdd0dacae68b27ea6456a1f7b923ee0cff7

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2017 01:47:35 GMT
server: AmazonS3
age: 16900
etag: W/"583031fb4ffc6aa9208f1e5e135e34ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: oOo9SQ7Th3shWbOAz2KZF5P-ScatGI3sYystqC4IGUGq0P2QT-jwfA==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 Election-poll.png
www.digitalshadows.com/uploads/2020/09/ 439 KB
440 KB 35ms
34ms Image
image/png 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.digitalshadows.com/uploads/2020/09/Election-poll.png
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c74591a27b6b4f5daec206753f2264b33e9a722159264748b9e58376ce7b393b

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:31:17 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Thu, 03 Sep 2020 09:08:09 GMT
server: AmazonS3
age: 84
etag: "f92c0db0bd916a5e4ae3d899d7da58e7"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 449618
x-amz-cf-id: QcnHMa2Hp822sAwzQyXUecvl2khaDWCQ7jFH8beUvZIL6FB_JFRVZw==

GET
H2 200 Kacey.jpg
www.digitalshadows.com/uploads/2018/10/ 2 MB
2 MB 12ms
11ms Image
image/jpeg 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.digitalshadows.com/uploads/2018/10/Kacey.jpg
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb23d5fd5964aa3c8843eeada38aa0858bfc504afc6f6426a8511a6dae17afda

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 10:42:19 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Wed, 17 Oct 2018 15:57:23 GMT
server: AmazonS3
age: 10222
etag: "7f4629792ca8b51a04900733bebe4082"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1626984
x-amz-cf-id: LM0Mb6B5MyohyBxInER3BPDCWX8o7u60KZ6FsSdYqbuqSrple2hLRw==

GET
H2 200 css
fonts.googleapis.com/ 10 KB
892 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/styles/main.d71f170f49f08f1af34f.css?ver=5.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35901d308b760b474f8f7682022c55ef5ad97a8cf7cee503eefcb422023b705a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Oct 2020 13:21:21 GMT
server: ESF
date: Thu, 08 Oct 2020 13:32:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Oct 2020 13:32:40 GMT

GET
H2 200 grp0jzg.css
use.typekit.net/ 2 KB
831 B 58ms
29ms Stylesheet
text/css 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/grp0jzg.css

Requested by

Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/styles/main.d71f170f49f08f1af34f.css?ver=5.5.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),

Reverse DNS

Software

nginx /

Resource Hash

cb8b52ad3dc7965f172bb0e5d2e3fdc4bf56898c5cdb702a1b4f25fcb5e30531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Thu, 08 Oct 2020 13:32:40 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 631

GET
H2 200 p.css
p.typekit.net/ 5 B
149 B 32ms
10ms Stylesheet
text/css 2a02:26f0:10c:5a4::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=grp0jzg&ht=tk&f=32231.32232&a=3933308&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/grp0jzg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5a4::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:40 GMT
last-modified: Wed, 24 Jun 2020 23:30:16 GMT
server: nginx
etag: "5ef3e208-5"
status: 200
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5

GET
H2 200 97927 Show response
resources.digitalshadows.com/hubsFront/embed_cta/ Frame 044B 81 KB
81 KB 396ms
165ms Document
text/html 52.60.165.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Requested by

Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.60.165.183 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-183.ca-central-1.compute.amazonaws.com

Software

Resource Hash

b2e76934b27ab66f94944bd41df66c6dc40ac8014979f812537d4d15cd9f75be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: resources.digitalshadows.com
:scheme: https
:path: /hubsFront/embed_cta/97927
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.digitalshadows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.digitalshadows.com/

Response headers

status: 200
content-language: en-US
content-type: text/html; charset=UTF-8
date: Thu, 08 Oct 2020 13:32:41 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy: unsafe-url
set-cookie: _MGZ_=culsqs6i33jpd1lgs5dg64ilde; path=/; secure; HttpOnly uf_privacy_prefs=1%7C1; expires=Fri, 08-Oct-2021 13:32:41 GMT; Max-Age=31536000; path=/; secure pdf_event=WyJbe1widXVpZFwiOjExNDM3NTY0Mzl9LDE2MzM2OTk5NjFdIiwiZmUwNDE0OTI4ZTY4M2U3NDI4MjAzYjFhOTRhYjA3MWIiXQ%3D%3D; expires=Fri, 08-Oct-2021 13:32:41 GMT; Max-Age=31536000; path=/; secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ds-aerial-01-3x2.jpg
www.digitalshadows.com/uploads/2019/09/ 1 MB
1 MB 9ms
9ms Image
image/jpeg 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.digitalshadows.com/uploads/2019/09/ds-aerial-01-3x2.jpg
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e599593de0c6e9970308b73ee132398a6574324c5b1e91205d657a213669867

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Mon, 23 Sep 2019 18:57:31 GMT
server: AmazonS3
age: 16900
etag: "60301525963df1efae31e68df17ce1ab"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1423935
x-amz-cf-id: XQy9yAyTw-t5eD92Es53Rsn8jmsxgO-4Q4ss-CJUHLrdev3gVC9RDA==

GET
H2 200 l
use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/ 16 KB
16 KB 33ms
11ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/grp0jzg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c

Request headers

Origin: https://www.digitalshadows.com
Referer: https://use.typekit.net/grp0jzg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:40 GMT
server: nginx
etag: "b9e1ecdf0fe601a7e9dfc362b400290203e7b31c"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 16456

GET
H2 200 fa-solid-900.woff2
www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/fonts/ 78 KB
78 KB 8ms
7ms Font
font/woff2 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/fonts/fa-solid-900.woff2
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/styles/main.d71f170f49f08f1af34f.css?ver=5.5.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Origin: https://www.digitalshadows.com
Referer: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/styles/main.d71f170f49f08f1af34f.css?ver=5.5.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Thu, 30 Apr 2020 15:58:00 GMT
server: AmazonS3
age: 16899
etag: "b15db15f746f29ffa02638cb455b8ec0"
x-cache: Hit from cloudfront
content-type: font/woff2
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 79444
x-amz-cf-id: XBj55YEpWOLqhOfDcScCcvcAPZbkZZ-kY3bawKROHVCfWsKTWSgALQ==

GET
H2 200 fa-brands-400.woff2
www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/fonts/ 75 KB
75 KB 9ms
8ms Font
font/woff2 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/fonts/fa-brands-400.woff2
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/styles/main.d71f170f49f08f1af34f.css?ver=5.5.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Origin: https://www.digitalshadows.com
Referer: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/styles/main.d71f170f49f08f1af34f.css?ver=5.5.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Thu, 30 Apr 2020 15:57:59 GMT
server: AmazonS3
age: 16899
etag: "a06da7f0950f9dd366fc9db9d56d618a"
x-cache: Hit from cloudfront
content-type: font/woff2
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 76612
x-amz-cf-id: mDvvrAlfhF3ZCZgIM1359XOYNluFysRFmun1rt5gUfsan-trBwUBZQ==

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.digitalshadows.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:23:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 155364
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:23:16 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.digitalshadows.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:22:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 155417
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:22:23 GMT

GET
H2 200 l
use.typekit.net/af/7f09be/00000000000000003b9b0acb/27/ 15 KB
16 KB 28ms
13ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7f09be/00000000000000003b9b0acb/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/grp0jzg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 490a471eb1956df4e31c8cb7d9e0d0d3062bd51e8a60b8f26b63cb7b50103501

Request headers

Origin: https://www.digitalshadows.com
Referer: https://use.typekit.net/grp0jzg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:40 GMT
server: nginx
etag: "46b57e3bdcaac36d275304ba2c6a88f5f3981efb"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 15860

GET
H2 200 typoquatting.png
www.digitalshadows.com/uploads/2020/09/ 351 KB
352 KB 10ms
9ms Image
image/png 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.digitalshadows.com/uploads/2020/09/typoquatting.png
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 286ee6abe696f417a4b0e7e7d515c93f57f3fe02d9736ce1c57f2f6d7eafe083

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:31:17 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Thu, 03 Sep 2020 09:08:11 GMT
server: AmazonS3
age: 85
etag: "3993e7250baa0d1b8e1694b4acbf095c"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 359553
x-amz-cf-id: u1vUMl-wf92i3fRt-jEvZ3MnkWHGlcg4nORPVOALfxsmYL78dsyMKw==

GET
H2 200 fake-domain.png
www.digitalshadows.com/uploads/2020/09/ 43 KB
43 KB 10ms
9ms Image
image/png 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.digitalshadows.com/uploads/2020/09/fake-domain.png
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f746556f2f71e2613911302a06abe9a4f09e54fe21969438505cecfc77f0d6ab

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:31:17 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Thu, 03 Sep 2020 09:08:10 GMT
server: AmazonS3
age: 85
etag: "60a6865499ab122b97f4d5a44db8bade"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 43585
x-amz-cf-id: n0oFzb1cPYRoN6tvgDkS_JDWjfe8jBABRmMV_EYTd_YPIYdCNpm21Q==

GET
H2 200 Fig2.png
www.digitalshadows.com/uploads/2020/09/ 138 KB
138 KB 12ms
11ms Image
image/png 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.digitalshadows.com/uploads/2020/09/Fig2.png
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb6fefa2c50d05ac6389702c57af20a5edae7da80be444ce0e2fb0e6d40e78c2

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:31:17 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Thu, 03 Sep 2020 09:08:09 GMT
server: AmazonS3
age: 85
etag: "cf0af3da4117c04b3df3233fd7bc38d4"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 141159
x-amz-cf-id: FpyITvPbafvGZf9xpgWA-wa_ExzAad-PcNKIqEKpgC07SNaopkOoyg==

GET
H2 200 mpp-frontend.js Show response
www.digitalshadows.com/wp-content/plugins/metronet-profile-picture/js/ 331 B
665 B 8ms
7ms Script
application/javascript 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.3.11
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:02 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Mon, 13 Apr 2020 19:08:25 GMT
server: AmazonS3
age: 16900
etag: "f0cba76b7742df5f4c51e5b1d106c1a7"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 331
x-amz-cf-id: kY7tJNekyFq3E-iMr4x8ISwVAmllLUBoZy6O7xasO12wKDmHj7g5Sg==

GET
H2 200 forms2.min.js Show response
app-lon04.marketo.com/js/forms2/js/ 205 KB
69 KB 84ms
35ms Script
application/x-javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-lon04.marketo.com/js/forms2/js/forms2.min.js?ver=1.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f24c51a94a931f1bdd7c3dacc9ebb3848305f5eb5a3feddf0b01227f6c778c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2793
status: 200
vary: Accept-Encoding
cf-request-id: 05aa0307d500000b4bf2b9e200000001
last-modified: Wed, 26 Aug 2020 19:08:12 GMT
server: cloudflare
etag: "6a0cf7-33237-5adcc8a7dff00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 5df03ab95ff70b4b-AMS
expires: Thu, 08 Oct 2020 17:32:41 GMT

GET
H2 200 ds.js Show response
www.digitalshadows.com/wp-content/themes/digital-shadows/assets/js/ 5 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets/js/ds.js?ver=1.1.0
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f944b22e1461799d83c6cd00156bfeba153f123acf677a86fe0bfd3fd8f0551a

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:02 GMT
content-encoding: gzip
last-modified: Mon, 13 Apr 2020 19:08:25 GMT
server: AmazonS3
age: 16900
etag: W/"f5340dd9ab6b9183449f66193f126457"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: c7lFjEqTvWvOLSrC-ErtHGS5S7XLmqVLXvdR0thMt4NLxoLSskTDTQ==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 main.9e9c0b8ea451559a47b6.js Show response
www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/scripts/ 210 KB
63 KB 31ms
30ms Script
application/javascript 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/scripts/main.9e9c0b8ea451559a47b6.js
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81704139c08eaaf20aff12ec84e605dc3e87e004c10cd5628cdaeb0cdd070686

Request headers

Referer: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:02 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2020 09:39:20 GMT
server: AmazonS3
age: 16900
etag: W/"aa8725718d6f1295051b698e53b68849"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Jaotqjdmbl8G7pTEZ3OpcQKFjZfVSWyIZetwSFdmNAyBayQjtKdOIQ==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 044B 19 KB
1 KB 64ms
42ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07e488fc7ca98a10872edeac01b7baffc4ee033ba9dda67d1de361df52af331b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Oct 2020 13:32:41 GMT
server: ESF
date: Thu, 08 Oct 2020 13:32:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Oct 2020 13:32:41 GMT

GET
H2 200 hubs.7c8c16b82e8711a126a3.css
content.cdntwrk.com/css/hubs/ Frame 044B 262 KB
44 KB 183ms
66ms Stylesheet
text/css 52.84.112.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/css/hubs/hubs.7c8c16b82e8711a126a3.css
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.112.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-112-70.sof50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88f8edf77adaf9164306cba3952f16b34f753ab92cc7aea9d904b9b25deb970f

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 14:30:21 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 14:27:41 GMT
server: AmazonS3
age: 255742
status: 200
etag: W/"d5865e8c07bc9d3aa9689974df07feb7"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: kMGba3ZUUAe9gzDacIrgHhiBEv_A7lyctpfIepZsI62GM-t_RBp5cw==
via: 1.1 6752f2850d05a4fdd1d6e5786f5d2938.cloudfront.net (CloudFront)

GET
H2 200 style.css
cihost.uberflip.com/digitalshadows/master/build/ Frame 044B 473 KB
56 KB 132ms
45ms Stylesheet
text/css 2600:9000:203c:f600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:203c:f600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12cb6f4a3c9fd0d20d99973654a5ee6a58e1e280a28327834a0a671370f9fded

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 06:46:14 GMT
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 21:12:20 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1570733735/ctime:1570733736/gid:20/gname:staff/md5:f2ebaa768a782bff84a4f90e5d33a408/mode:33188/mtime:1570733736/uid:502/uname:modip
age: 24388
etag: "f2ebaa768a782bff84a4f90e5d33a408"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: wiQLAk1nulW_QD4cZcPUwgLO7yHgtQlEjqrMsIGaOoqJkOXO35SWRw==
via: 1.1 ec6357e657c548ad9e9ce985f638540c.cloudfront.net (CloudFront)

GET
H2 200 ionicons.min.css
unpkg.com/ionicons@4.5.10-0/dist/css/ Frame 044B 44 KB
7 KB 42ms
39ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b82a2dd43936317fee3dc469880686b83caab009d9e71a9953f25bbe8c1b34ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14240067
status: 200
vary: Accept-Encoding
cf-request-id: 05aa03081e000097e4789c6200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"b09c-0qR+qwWhl5h3I61TCWRhFVmJ40Y"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 22a408234bbdac1a0d0c2c1c9c5cb289
cache-control: public, max-age=31536000
cf-ray: 5df03ab9cea197e4-FRA

GET
H2 200 grp0jzg.css
use.typekit.net/ Frame 044B 2 KB
831 B 7ms
5ms Stylesheet
text/css 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/grp0jzg.css

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),

Reverse DNS

Software

nginx /

Resource Hash

cb8b52ad3dc7965f172bb0e5d2e3fdc4bf56898c5cdb702a1b4f25fcb5e30531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Thu, 08 Oct 2020 13:32:41 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 631

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ Frame 044B 54 KB
14 KB 66ms
22ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:41 GMT
content-encoding: gzip
last-modified: Thu, 21 Mar 2019 21:31:35 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 ajax-loader-white-2x.gif
content.cdntwrk.com/img/hubs/ Frame 044B 3 KB
3 KB 59ms
56ms Image
image/gif 52.84.112.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/ajax-loader-white-2x.gif?v=64ea6287d559
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.112.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-112-70.sof50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 04 Oct 2020 16:56:28 GMT
via: 1.1 6752f2850d05a4fdd1d6e5786f5d2938.cloudfront.net (CloudFront)
last-modified: Wed, 30 Sep 2020 14:29:51 GMT
server: AmazonS3
age: 333375
etag: "5217392f882b27d35ec2e72946f2df7e"
status: 200
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: SOF50-C1
accept-ranges: bytes
content-length: 2707
x-amz-cf-id: 65Xc2ZPxylswZbDSL_5ydSyoq1fS3qmh3NfJb8478nPgK5DtOuaUvQ==

GET
H2 200 hubs_app.7c8c16b82e8711a126a3.js Show response
content.cdntwrk.com/js/hubs/ Frame 044B 1 MB
308 KB 59ms
58ms Script
application/javascript 52.84.112.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/js/hubs/hubs_app.7c8c16b82e8711a126a3.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.112.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-112-70.sof50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e80e5437b1391b696e7c70ffa5302c4d0dffe0b192120e77d435a5d271183fa9

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 14:30:21 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 14:27:47 GMT
server: AmazonS3
age: 255742
status: 200
etag: W/"df41554741c7ccf6428228f030568b3c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: 15Fd8d-r_YA3BII-Wn7yyR_2eUrZ6L-z9l7SBo1qoKTGd1k6F3evkw==
via: 1.1 6752f2850d05a4fdd1d6e5786f5d2938.cloudfront.net (CloudFront)

GET
H2 200 onbrand.bundle.js Show response
cihost.uberflip.com/digitalshadows/master/build/ Frame 044B 323 KB
99 KB 40ms
40ms Script
application/javascript 2600:9000:203c:f600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/onbrand.bundle.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:203c:f600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06a5a0a0364552ba2c4f005c5b1a10f96861bf173274e36ca74b6393857f84e3

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 23:43:30 GMT
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 15:30:03 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1592926200/ctime:1592926200/gid:116/gname:docker/md5:ce723387d78910e7b655790f7d3107b4/mode:33188/mtime:1592926200/uid:1001/uname:runner
age: 49753
etag: W/"ce723387d78910e7b655790f7d3107b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: Hxi-LtANrbPWw_ZIYx1OYO9ggow-usNAr_bCUg6722sWotBRgJ0-_Q==
via: 1.1 ec6357e657c548ad9e9ce985f638540c.cloudfront.net (CloudFront)

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ Frame 044B 152 KB
23 KB 383ms
26ms Stylesheet
text/css 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 16:40:50 GMT
status: 200
etag: "1550076050"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23237

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ Frame 044B 21 KB
7 KB 33ms
13ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1174709
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
cf-request-id: 05aa030a7500002b29e59f3200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602163962"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5df03abd8d652b29-FRA
expires: Tue, 28 Sep 2021 13:32:42 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ Frame 044B 57 KB
15 KB 393ms
38ms Script
text/javascript 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 16:40:57 GMT
status: 200
etag: "1550076057"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 15434

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 80ms
32ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets/js/ds.js?ver=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H/1.1 200
OK rtp.js Show response
lonrtp1-cdn.marketo.com/rtp-api/v1/ 154 KB
42 KB 98ms
36ms Script
application/x-javascript 104.111.239.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Requested by

Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets/js/ds.js?ver=1.1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

Jetty(7.3.1.v20110307) /

Resource Hash

db4bc85105f4e31dbd24f36d3166b78151fb82bc6a1ea21e5a54e1e0983e4377

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Last-Modified: Tue, 01 Sep 2020 22:13:01 GMT
Server: Jetty(7.3.1.v20110307)
Date: Thu, 08 Oct 2020 13:32:42 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=64
Connection: keep-alive
Content-Length: 42811
X-Akamai-Path-Stats: [3:9351:6649]

GET
H2 200 / Show response
ipapi.co/json/ 729 B
765 B 238ms
218ms XHR
application/json 2606:4700:20::681a:92c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json/

Requested by

Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ab61b440cb1cb7263bb52dacc7475bd7c17b109163e32908c9f2dfe582ecdf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 08 Oct 2020 13:32:42 GMT
content-encoding: br
vary: Host, Origin
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, OPTIONS, OPTIONS, POST, HEAD
content-type: application/json
access-control-allow-origin: https://www.digitalshadows.com
cf-ray: 5df03abafa5ac29a-FRA
cf-request-id: 05aa0308d70000c29a8305a200000001

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 25ms
24ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Sat, 16 Jan 2021 13:32:42 GMT

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/1.8.3/ 91 KB
33 KB 96ms
45ms Script
application/x-javascript 104.111.239.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.239.158 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-158.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2015 11:20:15 GMT
Server: AkamaiNetStorage
ETag: "3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 33467

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 22 KB
4 KB 80ms
29ms Stylesheet
text/css 104.111.239.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.239.158 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-158.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:57:42 GMT
Server: AkamaiNetStorage
ETag: "7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3752

GET
H/1.1 200
OK trw Show response
lonrtp1.marketo.com/gw1/ 0
436 B 107ms
26ms Script
application/x-javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/trw?aid=digitalshadows&trwv.uid=digitalshadows-1602163962180-be27f837&trwv.vc=1&trwsa.sid=digitalshadows-1602163962185-4df79bdb&trwsb.cpv=1&ctzo=+02:00&uri=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&pm=1116&viewedTypes=&rts=1602163962190

Requested by

Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:42 GMT
Cache-Control: no-cache
Server: Jetty(7.3.1.v20110307)
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Content-Type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK ga-integration-2.0.2.js Show response
rtp-static.marketo.com/rtp/libs/ 15 KB
5 KB 83ms
30ms Script
application/x-javascript 104.111.239.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.2.js
Requested by: Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.239.158 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-158.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7fb58f6c6c2c3b61909e3b4bb9e199d95d5e2a4e39b58f25d1a9894971ed16b9

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Jul 2018 13:42:27 GMT
Server: AkamaiNetStorage
ETag: "52b7a5deba12e7e1147fcebaa9fd9691:1530625347"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 4977

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 044B 2 KB
641 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Oct 2020 12:13:37 GMT
server: ESF
date: Thu, 08 Oct 2020 13:32:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Oct 2020 13:32:42 GMT

GET
H/1.1 200
OK rtp.js Show response
lonrtp1-cdn.marketo.com/rtp-api/v1/ Frame 044B 154 KB
42 KB 29ms
26ms Script
application/x-javascript 104.111.239.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

Jetty(7.3.1.v20110307) /

Resource Hash

db4bc85105f4e31dbd24f36d3166b78151fb82bc6a1ea21e5a54e1e0983e4377

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Last-Modified: Tue, 01 Sep 2020 22:13:01 GMT
Server: Jetty(7.3.1.v20110307)
Date: Thu, 08 Oct 2020 13:32:42 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=64
Connection: keep-alive
Content-Length: 42811
X-Akamai-Path-Stats: [3:9351:6649]

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 044B 158 KB
44 KB 30ms
27ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a231021862172f5390760b53c7a54eab8c6f50d27e7edaba3230827b2faad0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45055
x-xss-protection: 0
last-modified: Thu, 08 Oct 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Oct 2020 13:32:42 GMT

GET
H2 200 p.css
p.typekit.net/ Frame 044B 5 B
149 B 23ms
17ms Stylesheet
text/css 2a02:26f0:10c:5a4::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=grp0jzg&ht=tk&f=32231.32232&a=3933308&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/grp0jzg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5a4::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/grp0jzg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
last-modified: Wed, 24 Jun 2020 23:30:16 GMT
server: nginx
etag: "5ef3e208-5"
status: 200
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5

GET
H/1.1 200
OK visitWebPage Show response
457-xey-671.mktoresp.com/webevents/ 2 B
475 B 103ms
28ms XHR
text/plain 134.213.193.62
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://457-xey-671.mktoresp.com/webevents/visitWebPage?_mchNc=1602163962282&_mchCn=&_mchId=457-XEY-671&_mchTk=_mch-digitalshadows.com-1602163962281-28506&mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D&_mchHo=www.digitalshadows.com&_mchPo=&_mchRu=%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=mkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.193.62 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:42 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: ebac2083-8d22-4813-b25b-ce11088a98e4

GET
H/1.1 200
OK munchkinId Show response
lonrtp1.marketo.com/gw1/put/ 3 B
423 B 82ms
38ms Script
text/json 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/put/munchkinId?aid=digitalshadows&id=id%3A457-XEY-671%26token%3A_mch-digitalshadows.com-1602163962281-28506

Requested by

Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:42 GMT
Cache-Control: no-cache
Server: Jetty(7.3.1.v20110307)
Connection: close
Content-Length: 3
Strict-Transport-Security: max-age=63113904
Content-Type: text/json;charset=UTF-8

GET
H/1.1 200
OK msg Show response
lonrtp1.marketo.com/gw1/ 0
495 B 68ms
23ms Script
text/javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/msg?a=2&sid=digitalshadows-1602163962185-4df79bdb&aid=digitalshadows&ma=id%3A457-XEY-671%26token%3A_mch-digitalshadows.com-1602163962281-28506&viewedTypes=&0.18376739645355178&rts=1602163962288

Requested by

Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:42 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H2 200 488285.js Show response
dev.visualwebsiteoptimizer.com/lib/ 158 KB
52 KB 91ms
32ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/lib/488285.js
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js?ver=2.3.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 37941a8cdaf360d9200a3eb065e9a63e89ef13403e8d8cfa51de3d4d52c0be58

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-computed: true
date: Thu, 08 Oct 2020 13:32:41 GMT
content-encoding: gzip
server: gfra1
etag: W/"1602157102"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache,max-age=0, public, max-age=0
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google
ptime: 0.0038739999999962

GET
H2 200 8z7ynkcdvg2s.js Show response
js.driftt.com/include/1602164100000/ Frame 044B 137 KB
45 KB 288ms
206ms Script
application/javascript 99.86.243.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1602164100000/8z7ynkcdvg2s.js

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-77.vie50.r.cloudfront.net

Software

nginx /

Resource Hash

7bc1dc7d2a673a36a6e7b3d26c7fd8f5cc42d8b2d41a98e4de2a5ebdaaea9bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: "a48548cec5608126b24de4cbfe9bfb8d"
x-amz-cf-pop: VIE50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:21:34 GMT
server: nginx
date: Thu, 08 Oct 2020 13:32:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 2ada7fef339aac482bc92d45b7dff5f8.cloudfront.net (CloudFront)
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bMTi2Pf06vOKisuwRMoee0FS7QuTAamLfJ5jXWtyMNIwknvMAQM_8g==

GET
H2 200 subscriber.gif
cihost.uberflip.com/digitalshadows/assets/images/ Frame 044B 14 KB
15 KB 37ms
36ms Image
image/gif 2600:9000:203c:f600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cihost.uberflip.com/digitalshadows/assets/images/subscriber.gif
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:203c:f600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6720e7c06d90bcf38f0ae5c17205409563dc38f2e69f9b05c849af6a6f775334

Request headers

Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 15:58:38 GMT
via: 1.1 ec6357e657c548ad9e9ce985f638540c.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 21:12:01 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1570735108/ctime:1570733733/gid:20/gname:staff/md5:35b560ddc8043efc45dd6f57f6020a7c/mode:33188/mtime:1570733733/uid:502/uname:modip
age: 77645
etag: "35b560ddc8043efc45dd6f57f6020a7c"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
x-amz-cf-pop: SOF50-C1
accept-ranges: bytes
content-length: 14819
x-amz-cf-id: aeNZyXfnaW3slS9Pc6n1ZRGvcURBSS3ZC1o9i2oMYkFyz4mIR8WRxg==

GET
H/1.1 200
OK msg Show response
lonrtp1.marketo.com/gw1/ 0
495 B 67ms
23ms Script
text/javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/msg?a=2&sid=null&aid=digitalshadows&viewedTypes=&0.2039000017642707&rts=1602163962576

Requested by

Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:42 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Connection: close
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904

GET
H2 200 ajax_ping Show response
resources.digitalshadows.com/hubsFront/ Frame 044B 49 B
232 B 126ms
125ms XHR
application/json 52.60.165.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digitalshadows.com/hubsFront/ajax_ping

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.7c8c16b82e8711a126a3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.60.165.183 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-183.ca-central-1.compute.amazonaws.com

Software

Resource Hash

74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
referrer-policy: unsafe-url
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language: en-US
status: 200
x-xss-protection: 1; mode=block
content-type: application/json
content-length: 49
x-content-type-options: nosniff

POST
H2 200 ajax_trackCtaView Show response
resources.digitalshadows.com/hubsFront/ Frame 044B 0
67 B 134ms
134ms XHR
text/html 52.60.165.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digitalshadows.com/hubsFront/ajax_trackCtaView

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.7c8c16b82e8711a126a3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.60.165.183 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-183.ca-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
referrer-policy: unsafe-url
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language: en-US
status: 200
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
content-length: 0
x-content-type-options: nosniff

GET
H2 200 stats_temp_embed_cta_97927x7ee7cd8cfb7273dff188c4948230ee785945a88c91e9985c61c379b73955c2a516021639614317cec42f94e9bf63c4470dd3b10790ff5cc6c1857cc1dd91eec9bb93da459e
resources.digitalshadows.com/hubsFront/signalMetricsTemp/ Frame 044B 2 B
77 B 125ms
124ms Image
text/html 52.60.165.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.digitalshadows.com/hubsFront/signalMetricsTemp/stats_temp_embed_cta_97927x7ee7cd8cfb7273dff188c4948230ee785945a88c91e9985c61c379b73955c2a516021639614317cec42f94e9bf63c4470dd3b10790ff5cc6c1857cc1dd91eec9bb93da459e?t=1602163962719

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.60.165.183 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-183.ca-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
referrer-policy: unsafe-url
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language: en-US
status: 200
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
content-length: 2
x-content-type-options: nosniff

GET
H2 200 logo.svg
www.digitalshadows.com/wp-content/themes/digital-shadows/assets/images/ Frame 044B 3 KB
2 KB 8ms
8ms Image
image/svg+xml 2600:9000:2156:9000:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets/images/logo.svg
Requested by: Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.7c8c16b82e8711a126a3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47036c6546adb51c4a0f5c80986edcdd0dacae68b27ea6456a1f7b923ee0cff7

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 08:51:01 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2017 01:47:35 GMT
server: AmazonS3
age: 16902
etag: W/"583031fb4ffc6aa9208f1e5e135e34ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: r_q-LYtUg0npokp60mI8Me3zzjXfGXOszbmnqsuhThSsx0jHCiTK1w==
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)

GET
H2 200 l
use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/ Frame 044B 16 KB
16 KB 4ms
4ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/grp0jzg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://use.typekit.net/grp0jzg.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
server: nginx
etag: "b9e1ecdf0fe601a7e9dfc362b400290203e7b31c"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 16456

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 044B 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:23:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 155366
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:23:16 GMT

GET
H2 403 DINOffc-Light.woff2
cihost.uberflip.com/digitalshadows/master/build/fonts/ Frame 044B 0
0 488ms
407ms Font
application/xml 2600:9000:203c:f600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Light.woff2
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:203c:f600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
via: 1.1 1f335ab2faaa6d3c09f24b13eee05a75.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: SOF50-C1
status: 403
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/xml
access-control-allow-origin: *
x-cache: Error from cloudfront
x-amz-cf-id: dK2nSDApAznZBBAoONVX_4okuCVGPaJRLEB67Eub14QvUicCPKE7sg==

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/ 126 KB
35 KB 35ms
35ms Script
application/x-javascript 104.111.239.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by: Host: lonrtp1-cdn.marketo.com
URL: https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.239.158 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-158.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 12:54:21 GMT
Server: AkamaiNetStorage
ETag: "5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 35484

GET
H2 200 gv.gif Show response
dev.visualwebsiteoptimizer.com/ 690 B
573 B 21ms
21ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/gv.gif?a=488285&u=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/488285.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 9f0e4453d18b39cc9b589c5f4796a052dd010b30cc59d787595a9b27e098300f

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
content-encoding: gzip
server: gfra1
content-type: text/javascript; charset=UTF-8
status: 200
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 dyn Show response
dev.visualwebsiteoptimizer.com/ 269 B
277 B 21ms
21ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/dyn
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/488285.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: f0b89ee54a3e408af81c6a27d35e9605d272b0d5ad1b11d80b38e3541dcbb160

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 08 Oct 2020 13:32:42 GMT
content-encoding: gzip
server: gfra1
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google
content-type: text/javascript; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 158 KB
44 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a231021862172f5390760b53c7a54eab8c6f50d27e7edaba3230827b2faad0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45055
x-xss-protection: 0
last-modified: Thu, 08 Oct 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Oct 2020 13:32:42 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 044B 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 14:47:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 168291
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 06 Oct 2021 14:47:52 GMT

GET
H3-Q050 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 10 KB
2 KB 45ms
24ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=488285&settings_type=2&vn=7.0&r=0.5769586976986887&u=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&exc=26|42|67
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/488285.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: b6308556e273c96cd00c4eb8748e66fc0bdd8e9ebabe55581469254aea9ed22d

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 08 Oct 2020 13:32:42 GMT
content-encoding: gzip
server: gfra1
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK flipbot-v2.min.js Show response
flipbot.uberflip.com/js/ Frame 044B 23 KB
23 KB 482ms
217ms Script
application/javascript 3.220.228.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flipbot.uberflip.com/js/flipbot-v2.min.js?_=1602163962627
Requested by: Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.7c8c16b82e8711a126a3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.228.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-228-61.compute-1.amazonaws.com
Software: Apache /
Resource Hash: eb29d9963dcf69cec96f9995c4da404e7ae28ca092b1c0b304133a31a57da81b

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:43 GMT
Via: 1.1 vegur
Last-Modified: Tue, 29 Sep 2020 14:24:20 GMT
Server: Apache
Etag: "5adc-5b07489e90d00"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23260

GET
H3-Q050 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
195 B 107ms
107ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=488285&d=digitalshadows.com&u=D009AB25BB4CC999DC91C8FF030707E58&h=1a8e6eedd4120ee42cb537cf8a97c8d1&r=0.16531776056474423

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:43 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 1024
date: Thu, 08 Oct 2020 13:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 08 Oct 2020 15:15:39 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=56537
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 8z7ynkcdvg2s.js Show response
js.driftt.com/include/1602164100000/ 137 KB
45 KB 53ms
53ms Script
application/javascript 99.86.243.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1602164100000/8z7ynkcdvg2s.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-77.vie50.r.cloudfront.net

Software

nginx /

Resource Hash

7bc1dc7d2a673a36a6e7b3d26c7fd8f5cc42d8b2d41a98e4de2a5ebdaaea9bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: "a48548cec5608126b24de4cbfe9bfb8d"
age: 1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:21:34 GMT
server: nginx
date: Thu, 08 Oct 2020 13:32:42 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 2ada7fef339aac482bc92d45b7dff5f8.cloudfront.net (CloudFront)
cache-control: max-age=10
access-control-allow-credentials: true
x-amz-cf-pop: VIE50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EFm-r66LFg-k7XF-G7VJiAZWQZ1wUYcLPU8zPxgaHlaFs_nGJ2bnIg==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 38 KB
13 KB 83ms
26ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fdb7e9c8e2eb0c5bf6bfe19ee4e835cb6274532b004547c80725fb0f909a83dd

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: BmKa.tbdiKThdBE52NQtmZQSUr705Ehc
Content-Encoding: gzip
ETag: "c61d8771a3a8de57477234e596694739"
x-amz-request-id: 5D6B3791487BB0AF
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12224
x-amz-id-2: WMBWQgt/3qI4Ahgy+O4rncjhejWkC7FEyZwVFXlQvomaRwO1XbqgLBLYGLsdRj7EpUo6VKycm3k=
Last-Modified: Tue, 06 Oct 2020 16:09:21 GMT
Server: AmazonS3
Date: Thu, 08 Oct 2020 13:32:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3-Q050 200 tag-136192f7ca5ad9a6c96079677bbd474d.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdHI6Ny4w/ 11 KB
4 KB 51ms
27ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdHI6Ny4w/tag-136192f7ca5ad9a6c96079677bbd474d.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/488285.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: f5a8b9abe2bcf3fda21ed177c7be0a68ee64f20890ec47f8e061f6ef9d5cdf14

Request headers

Origin: https://www.digitalshadows.com
Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
content-encoding: br
last-modified: Tue, 06 Oct 2020 04:55:11 GMT
server: gfra1
status: 200
etag: "5f7bf8af-dbb"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3515
via: 1.1 google

GET
H3-Q050 200 tag-3d03671e935c4b62491aeddf5f8ef7c7.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnk=/ 77 KB
19 KB 58ms
35ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnk=/tag-3d03671e935c4b62491aeddf5f8ef7c7.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/488285.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 60fc67a10be4466a7e1fb9f50c8cb1c8303aca9e72344cbd5fdde7e15ce73002

Request headers

Origin: https://www.digitalshadows.com
Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:43 GMT
content-encoding: br
last-modified: Mon, 05 Oct 2020 06:41:37 GMT
server: gfra1
status: 200
etag: "5f7ac021-4d39"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19769
via: 1.1 google

POST collect
www.google-analytics.com/j/ 0
0

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=65131
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1602163963232&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-el...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2017233%26time%3D1602163963232%26url%3Dhttps%253A%252F%252Fwww.digitalshadows.com...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1602163963232&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-el...

0
41 B

175ms
175ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1602163963232&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D&liSync=true
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:43 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: ko+W46IHPBZQLeMaUisAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: EkH626IHPBYQKc5L2ioAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: D582E52762CA49428C509019851DB860 Ref B: FRAEDGE1312 Ref C: 2020-10-08T13:32:43Z
x-frame-options: sameorigin
date: Thu, 08 Oct 2020 13:32:43 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1602163963232&url=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
55 B 113ms
112ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=488285&u=JBEBF2CB5761493283D43EE5E80EEED99&s=1602163962&p=1&ed=%7B%22tO%22%3A%22-2%22%2C%22lt%22%3A%221602163963269%22%2C%22r%22%3A%22%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&cu=https%253A%252F%252Fwww.digitalshadows.com%252Fblog-and-research%252Frevisiting-typosquatting-and-the-2020-us-presidential-election%252F%253Fmkt_tok%253DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%25253D&r=0&cq=1&vn=7.0.69&vns=undefined&vno=undefined&eTime=1602163963269&random=0.7670857642305364

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:42 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 403 DINOffc-Light.woff
cihost.uberflip.com/digitalshadows/master/build/fonts/ Frame 044B 0
0 417ms
414ms Font
application/xml 2600:9000:203c:f600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Light.woff
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:203c:f600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
via: 1.1 1f335ab2faaa6d3c09f24b13eee05a75.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: SOF50-C1
status: 403
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/xml
access-control-allow-origin: *
x-cache: Error from cloudfront
x-amz-cf-id: C-iCDSaS56T4pQbrQFhIWC99vWOt0P4UU6zVXkF25H5CpvhJwujG9A==

GET
H3-Q050 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
55 B 243ms
242ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=488285&u=JBEBF2CB5761493283D43EE5E80EEED99&s=1602163962&p=1&tags={%22si%22:{%2257%22:%221%22,%2256%22:%221%22,%2252%22:%221%22,%2249%22:%221%22,%2248%22:%221%22,%2247%22:%221%22,%2246%22:%221%22,%2245%22:%221%22,%2232%22:%221%22,%2230%22:%221%22}}&eg=29,28,24,21,20,19,18,17,11,10&update=1&cq=1&vn=7.0.69&vns=undefined&vno=undefined&_cu=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidenti&eTime=1602163963352&random=0.09544509275958113

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:42 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

24ms
23ms

Script
application/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 2U8XMvdFINXJNFsilaXONuSvqmREKV3.
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 0A9DFB41B15EF3A2
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 9wtYzl8isf76a+KTcCc0hWCh/ZKrxXSL0KsmsoDDvS1VGgWl/GxdSe7DtPnOmbh4BH+84jF1nEY=
Last-Modified: Fri, 31 Jul 2020 16:11:15 GMT
Server: AmazonS3
Date: Thu, 08 Oct 2020 13:32:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Thu, 08 Oct 2020 13:32:43 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/ 0
705 B 298ms
243ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: l39M0WwVRVU10lQIZ2jEQWehl2GT8Be_
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 957696D982DB7BF9
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 0
x-amz-id-2: ijeG4pup8XGv+nMSyCSYv5PNDRSyJe9EDBe/6XMw1E7qCFp54Y2seS2Ae/fDejjbh8hlyeRARmo=
Last-Modified: Wed, 07 Oct 2020 20:53:11 GMT
Server: AmazonS3
Date: Thu, 08 Oct 2020 13:32:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/M2GUWUTBBJFFRJ7RPYG7FT?_s=abb59444a4b77b5aa6ff6d86c0bd380c&_b=2
https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=abb59444a4b77b5aa6ff6d86c0bd380c&_b=2

394 B
862 B

38ms
33ms

Script
application/javascript

52.30.34.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=abb59444a4b77b5aa6ff6d86c0bd380c&_b=2
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.34.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-34-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 423f10554d1e324ef22127d5667c16184bb7ee01f4b221fb673c4c59ec533c7e

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:43 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: application/javascript
content-length: 394

Redirect headers

status: 302
date: Thu, 08 Oct 2020 13:32:43 GMT
server: nginx/1.18.0
content-length: 105
location: https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=abb59444a4b77b5aa6ff6d86c0bd380c&_b=2

GET
H3-Q050 200 worker.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 35ms
35ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/488285.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:42 GMT
content-encoding: br
last-modified: Mon, 16 Mar 2020 04:40:32 GMT
server: gfra1
status: 200
etag: "5e6f0340-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H/1.1

200
OK

IANINNYENVANJHID2VKV5Q.js Show response
s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/
Redirect Chain

https://d.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2F...
https://s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/IANINNYENVANJHID2VKV5Q.js

4 KB
2 KB

23ms
23ms

Script
text/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/IANINNYENVANJHID2VKV5Q.js
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5f12c6deed58cb982f505fd5b79e62a96cc78cb2a22ed630542d7f70d695a5eb

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: SoJIeuokG4Pp.dAVaxI8EsAyDLkdT353
Content-Encoding: gzip
ETag: "3fbebb4326dbc8dec9516be44230630d"
x-amz-request-id: EB2993235B6FF1E0
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1339
x-amz-id-2: st51//3u+3e9oiPaN+vPGo3Q9aEPi5MwUbZIsyQnCeVzbvOH7XeRCvl6+kTqp4pm8rfKC7TODrk=
Last-Modified: Fri, 03 Apr 2020 10:56:36 GMT
Server: AmazonS3
Date: Thu, 08 Oct 2020 13:32:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

date: Thu, 08 Oct 2020 13:32:43 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: *
x-segment-eid: IANINNYENVANJHID2VKV5Q
location: https://s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/IANINNYENVANJHID2VKV5Q.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: VD4NA2LPTRDHFCOWWLH536
x-segment-name: *
x-advertisable-eid: M2GUWUTBBJFFRJ7RPYG7FT
x-conversion-currency

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
3 KB 23ms
23ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&pv=36016951512.946724&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NM.EHVfGEDu2TYFqb1osrv1zRII373EC
Content-Encoding: gzip
ETag: "15441b08d0c4f93b1dd5f533cd361cd8"
x-amz-request-id: E2F067B4E9F95C64
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2039
x-amz-id-2: zahNXUrZcHvPMHZ5OZzeA/pmU+ThIaY+/c27IjCJ/f8DH693VdK16PYXiwNkUgRleJPaNozozcA=
Last-Modified: Mon, 03 Feb 2020 20:32:06 GMT
Server: AmazonS3
Date: Thu, 08 Oct 2020 13:32:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-...
https://pixel.advertising.com/ups/55980/sync?uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
125 B

73ms
23ms

Image
text/plain

52.59.102.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.102.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-102-119.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 08 Oct 2020 13:32:43 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:43 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://pixel.advertising.com/ups/55980/sync?uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
cache-control: no-store, no-cache, must-revalidate
content-length: 167

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-u...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expiration=1633699963
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expiration=1633699963&C=1

43 B
1003 B

89ms
85ms

Image
image/gif

23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expiration=1633699963&C=1
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 13:32:43 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Oct 2020 13:32:43 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 13:32:43 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expiration=1633699963&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Thu, 08 Oct 2020 13:32:43 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-pr...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expires=365

0
239 B

98ms
25ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expires=365
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:43 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expires=365
cache-control: no-store, no-cache, must-revalidate
content-length: 124

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-202...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&rdrctExp=true

0
475 B

173ms
172ms

Image
text/plain

38.133.127.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&rdrctExp=true
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:44 GMT
Cache-Control: no-cache
X-TraceId: 80447ee7b58763fd50ab00c4c8d65aff
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&rdrctExp=true
Date: Thu, 08 Oct 2020 13:32:44 GMT
X-TraceId: 7b9309b2ecc3eb4f6c5c4a04c33fdc78
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-202...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
886 B

74ms
17ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 08 Oct 2020 13:32:43 GMT
X-lat: Pug22067:0:392
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:43 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
cache-control: no-store, no-cache, must-revalidate
content-length: 220

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

0
218 B

54ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
tbl-x-upstream: 10.41.30.10:10213
date: Thu, 08 Oct 2020 13:32:43 GMT
server: nginx
x-fastly-to-nlb-rtt: 4001

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:43 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
cache-control: no-store, no-cache, must-revalidate
content-length: 111

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2...
https://eb2.3lift.com/xuid?mid=4714&xuid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

67ms
65ms

Image
image/gif

18.158.113.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.113.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-113-203.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 08 Oct 2020 13:32:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

status: 302
date: Thu, 08 Oct 2020 13:32:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4714&xuid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-pr...
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
500 B

70ms
69ms

Image
image/gif

52.30.34.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.34.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-34-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

Redirect headers

date: Thu, 08 Oct 2020 13:32:43 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-pr...
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

43 B
411 B

27ms
23ms

Image
image/gif

3.123.111.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.111.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-111-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 08 Oct 2020 13:32:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Thu, 08 Oct 2020 13:32:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-pr...
https://ib.adnxs.com/setuid?entity=172&code=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

43 B
1 KB

17ms
17ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 13:32:44 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.41:80
AN-X-Request-Uuid: 37bfc396-8983-436b-96d5-0fa3664d1ca7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 13:32:43 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.72:80
AN-X-Request-Uuid: 6ba8eaec-1127-4ba7-b474-ee98246dae1b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 39ms
33ms Image
image/gif 52.30.34.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.34.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-34-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 08 Oct 2020 13:32:43 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.18.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-pr...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=52ac46f5fb4a69bca6cb469c8033c1cf
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=52ac46f5fb4a69bca6cb469c8033c1cf

43 B
180 B

29ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=52ac46f5fb4a69bca6cb469c8033c1cf
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.194.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
via: 1.1 google
server: OXGW/16.194.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 08 Oct 2020 13:32:44 GMT
via: 1.1 google
server: OXGW/16.194.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=52ac46f5fb4a69bca6cb469c8033c1cf
alt-svc: clear
content-length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=ac8677a60751bee3b99222e347a85b88-1602163963589&arrfrr=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-pr...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=UqxG9ftKabymy0acgDPBzw
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=UqxG9ftKabymy0acgDPBzw&google_tc=
https://d.adroll.com/cm/g/in

42 B
537 B

34ms
33ms

Image
image/gif

52.30.34.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.34.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-34-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 DINOffc-Light.ttf
cihost.uberflip.com/digitalshadows/master/build/fonts/ Frame 044B 0
0 404ms
403ms Font
application/xml 2600:9000:203c:f600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Light.ttf
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:203c:f600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:43 GMT
via: 1.1 1f335ab2faaa6d3c09f24b13eee05a75.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: SOF50-C1
status: 403
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/xml
access-control-allow-origin: *
x-cache: Error from cloudfront
x-amz-cf-id: gRWSQN-wUUMghg4SSKj8Te8KKkvzRvbRvfk-M9kKp-CDTAz6y30nhA==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 044B 965 B
761 B 13ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=56537
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ Frame 044B 1 KB
1 KB 23ms
19ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.digitalshadows.com
URL: https://www.digitalshadows.com/blog-and-research/revisiting-typosquatting-and-the-2020-us-presidential-election/?mkt_tok=eyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ Frame 044B 38 KB
13 KB 87ms
84ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fdb7e9c8e2eb0c5bf6bfe19ee4e835cb6274532b004547c80725fb0f909a83dd

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: BmKa.tbdiKThdBE52NQtmZQSUr705Ehc
Content-Encoding: gzip
ETag: "c61d8771a3a8de57477234e596694739"
x-amz-request-id: 5D6B3791487BB0AF
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12224
x-amz-id-2: WMBWQgt/3qI4Ahgy+O4rncjhejWkC7FEyZwVFXlQvomaRwO1XbqgLBLYGLsdRj7EpUo6VKycm3k=
Last-Modified: Tue, 06 Oct 2020 16:09:21 GMT
Server: AmazonS3
Date: Thu, 08 Oct 2020 13:32:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 044B 4 KB
2 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=65131
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ Frame 044B 11 KB
5 KB 60ms
60ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Sat, 16 Jan 2021 13:32:43 GMT

GET
H2 200 collect
px.ads.linkedin.com/ Frame 044B 0
65 B 176ms
174ms Image
application/javascript 2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2017233&time=1602163963991&url=https%3A%2F%2Fwww.digitalshadows.com%2F
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:44 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: mMNR+qIHPBZwbwdeUCsAAA==

GET
H/1.1 200
OK visitWebPage Show response
457-xey-671.mktoresp.com/webevents/ Frame 044B 2 B
311 B 32ms
28ms XHR
text/plain 134.213.193.62
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://457-xey-671.mktoresp.com/webevents/visitWebPage?_mchNc=1602163964089&_mchCn=&_mchId=457-XEY-671&_mchTk=_mch-digitalshadows.com-1602163964088-68030&_mchHo=resources.digitalshadows.com&_mchPo=&_mchRu=%2FhubsFront%2Fembed_cta%2F97927&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fwww.digitalshadows.com%2F&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.193.62 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:44 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 5d881f26-ea0b-4fad-96e1-b5caf248af29

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/ Frame 044B
Redirect Chain

https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

23ms
23ms

Script
application/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 2U8XMvdFINXJNFsilaXONuSvqmREKV3.
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 0A9DFB41B15EF3A2
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 9wtYzl8isf76a+KTcCc0hWCh/ZKrxXSL0KsmsoDDvS1VGgWl/GxdSe7DtPnOmbh4BH+84jF1nEY=
Last-Modified: Fri, 31 Jul 2020 16:11:15 GMT
Server: AmazonS3
Date: Thu, 08 Oct 2020 13:32:44 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Thu, 08 Oct 2020 13:32:44 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/ Frame 044B 0
705 B 25ms
23ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: l39M0WwVRVU10lQIZ2jEQWehl2GT8Be_
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 957696D982DB7BF9
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 0
x-amz-id-2: ijeG4pup8XGv+nMSyCSYv5PNDRSyJe9EDBe/6XMw1E7qCFp54Y2seS2Ae/fDejjbh8hlyeRARmo=
Last-Modified: Wed, 07 Oct 2020 20:53:11 GMT
Server: AmazonS3
Date: Thu, 08 Oct 2020 13:32:44 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/ Frame 044B
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/M2GUWUTBBJFFRJ7RPYG7FT?_s=62aaf7b484de96462d9399d613dff637&_b=2
https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=62aaf7b484de96462d9399d613dff637&_b=2

394 B
862 B

37ms
33ms

Script
application/javascript

52.30.34.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=62aaf7b484de96462d9399d613dff637&_b=2
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.34.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-34-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 423f10554d1e324ef22127d5667c16184bb7ee01f4b221fb673c4c59ec533c7e

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: application/javascript
content-length: 394

Redirect headers

status: 302
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
content-length: 105
location: https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT/?_s=62aaf7b484de96462d9399d613dff637&_b=2

GET
H/1.1

200
OK

DTU3QQ67CZHH7PXZJ5SXHH.js Show response
s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/ Frame 044B
Redirect Chain

https://d.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fem...
https://s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/DTU3QQ67CZHH7PXZJ5SXHH.js

4 KB
2 KB

29ms
25ms

Script
text/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/DTU3QQ67CZHH7PXZJ5SXHH.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7bf8e19e00f44918d4bf6ccd7b66aec60c78f16478c9ac02d101439a17730cc1

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: HS78yS81jskKPR8eK_mRTBGx6B._fxcI
Content-Encoding: gzip
ETag: "824a89a84aaeebaeac8ee32c20c37d3a"
x-amz-request-id: E3EFD9AD2B9B5404
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1365
x-amz-id-2: /piMCoqbnIbpE69LA9OeEhn40voLEArw+SXs6SW2Fbj0gG+emMI7FrUFCSljBstRYg1zfrTyqjY=
Last-Modified: Wed, 16 Sep 2020 21:11:20 GMT
Server: AmazonS3
Date: Thu, 08 Oct 2020 13:32:44 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

date: Thu, 08 Oct 2020 13:32:44 GMT
x-segment-display-name: Resources Center - LP
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: *resources.digitalshadows.com*
x-segment-eid: DTU3QQ67CZHH7PXZJ5SXHH
location: https://s.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536/DTU3QQ67CZHH7PXZJ5SXHH.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: VD4NA2LPTRDHFCOWWLH536
x-segment-name: fa667bdf
x-advertisable-eid: M2GUWUTBBJFFRJ7RPYG7FT
x-conversion-currency

POST
H2 200 analyze Show response
r2.visualwebsiteoptimizer.com/ 0
143 B 1040ms
607ms XHR
application/javascript 35.221.11.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://r2.visualwebsiteoptimizer.com/analyze?_a=488285&_u=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnk=/tag-3d03671e935c4b62491aeddf5f8ef7c7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.221.11.9 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.11.221.35.bc.googleusercontent.com
Software: r2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 200
date: Thu, 08 Oct 2020 13:32:44 GMT
content-encoding: gzip
server: r2
access-control-allow-origin: *
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ Frame 044B 9 KB
3 KB 23ms
23ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&pv=68594175848.280914&cookie=&adroll_s_ref=https%3A//www.digitalshadows.com/&keyw=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NM.EHVfGEDu2TYFqb1osrv1zRII373EC
Content-Encoding: gzip
ETag: "15441b08d0c4f93b1dd5f533cd361cd8"
x-amz-request-id: E2F067B4E9F95C64
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2039
x-amz-id-2: zahNXUrZcHvPMHZ5OZzeA/pmU+ThIaY+/c27IjCJ/f8DH693VdK16PYXiwNkUgRleJPaNozozcA=
Last-Modified: Mon, 03 Feb 2020 20:32:06 GMT
Server: AmazonS3
Date: Thu, 08 Oct 2020 13:32:44 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

204

sync
pixel.advertising.com/ups/55980/ Frame 044B
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2G...
https://pixel.advertising.com/ups/55980/sync?uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
124 B

39ms
23ms

Image
text/plain

52.59.102.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.102.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-102-119.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 08 Oct 2020 13:32:44 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://pixel.advertising.com/ups/55980/sync?uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
cache-control: no-store, no-cache, must-revalidate
content-length: 167

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 044B
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expiration=1633699964

43 B
1003 B

47ms
37ms

Image
image/gif

23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expiration=1633699964
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 13:32:44 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Oct 2020 13:32:44 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expiration=1633699964
cache-control: no-store, no-cache, must-revalidate
content-length: 139

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 044B
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUW...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expires=365

0
239 B

34ms
24ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expires=365
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&expires=365
cache-control: no-store, no-cache, must-revalidate
content-length: 124

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 044B
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisabl...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&rdrctExp=true

0
313 B

169ms
168ms

Image
text/plain

38.133.127.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&rdrctExp=true
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 13:32:44 GMT
Cache-Control: no-cache
X-TraceId: ad738962d55ca16d9113898ae2eb4726
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&rdrctExp=true
Date: Thu, 08 Oct 2020 13:32:44 GMT
X-TraceId: fcf1b31f8eb426616bc39e7e8cf32ca9
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 044B
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisabl...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
886 B

31ms
22ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 08 Oct 2020 13:32:44 GMT
X-lat: Pug22069:0:334
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
cache-control: no-store, no-cache, must-revalidate
content-length: 220

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/ Frame 044B
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

0
217 B

24ms
23ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
tbl-x-upstream: 10.41.24.10:10213
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx
x-fastly-to-nlb-rtt: 5474

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
cache-control: no-store, no-cache, must-revalidate
content-length: 111

GET
H2

200

xuid
eb2.3lift.com/ Frame 044B
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisa...
https://eb2.3lift.com/xuid?mid=4714&xuid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&dongle=c85e

37 B
352 B

26ms
24ms

Image
image/gif

18.158.113.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4714&xuid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&dongle=c85e
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.113.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-113-203.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 08 Oct 2020 13:32:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://eb2.3lift.com/xuid?mid=4714&xuid=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y&dongle=c85e
cache-control: no-store, no-cache, must-revalidate
content-length: 102

GET
H2 200 in
d.adroll.com/cm/mk/M2GUWUTBBJFFRJ7RPYG7FT/ Frame 044B 42 B
520 B 39ms
38ms Image
image/gif 52.30.34.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/mk/M2GUWUTBBJFFRJ7RPYG7FT/in?id=id%3A457-XEY-671%26token%3A_mch-digitalshadows.com-1602163964088-68030
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.34.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-34-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

GET
H2

200

in
d.adroll.com/cm/r/ Frame 044B
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUW...
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
520 B

34ms
34ms

Image
image/gif

52.30.34.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.34.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-34-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

Redirect headers

date: Thu, 08 Oct 2020 13:32:44 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sync
x.bidswitch.net/ Frame 044B
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUW...
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

43 B
212 B

25ms
23ms

Image
image/gif

3.123.111.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=44&user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.111.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-111-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 08 Oct 2020 13:32:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://x.bidswitch.net/sync?dsp_id=44&user_id=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
cache-control: no-store, no-cache, must-revalidate
content-length: 96

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 044B
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUW...
https://ib.adnxs.com/setuid?entity=172&code=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

43 B
1 KB

34ms
23ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 13:32:44 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.146:80
AN-X-Request-Uuid: ee282ea2-378d-4e22-9663-b7e0617b86a3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ib.adnxs.com/setuid?entity=172&code=NTJhYzQ2ZjVmYjRhNjliY2E2Y2I0NjljODAzM2MxY2Y
cache-control: no-store, no-cache, must-revalidate
content-length: 93

GET
H2 200 out
d.adroll.com/cm/l/ Frame 044B 42 B
180 B 51ms
33ms Image
image/gif 52.30.34.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.34.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-34-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 08 Oct 2020 13:32:44 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.18.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 044B
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUW...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=52ac46f5fb4a69bca6cb469c8033c1cf

43 B
106 B

32ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=52ac46f5fb4a69bca6cb469c8033c1cf
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.194.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
via: 1.1 google
server: OXGW/16.194.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=52ac46f5fb4a69bca6cb469c8033c1cf
cache-control: no-store, no-cache, must-revalidate
content-length: 87

GET
H2 200 out
d.adroll.com/cm/g/ Frame 044B 42 B
520 B 35ms
34ms Image
image/gif 52.30.34.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/out?adroll_fpc=0f6008cc80479db44933b356dfa3fa6b-1602163964190&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&xid_ch=f&advertisable=M2GUWUTBBJFFRJ7RPYG7FT&google_nid=adroll5
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.34.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-34-11.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 13:32:44 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

GET
H2 200 ajax_ping Show response
resources.digitalshadows.com/hubsFront/ Frame 044B 49 B
171 B 133ms
132ms XHR
application/json 52.60.165.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digitalshadows.com/hubsFront/ajax_ping

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.7c8c16b82e8711a126a3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.60.165.183 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-60-165-183.ca-central-1.compute.amazonaws.com

Software

Resource Hash

74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:44 GMT
referrer-policy: unsafe-url
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language: en-US
status: 200
x-xss-protection: 1; mode=block
content-type: application/json
content-length: 49
x-content-type-options: nosniff

GET
H2 403 DINOffc-Bold.woff2
cihost.uberflip.com/digitalshadows/master/build/fonts/ Frame 044B 0
0 406ms
406ms Font
application/xml 2600:9000:203c:f600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Bold.woff2
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:203c:f600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:44 GMT
via: 1.1 1f335ab2faaa6d3c09f24b13eee05a75.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: SOF50-C1
status: 403
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/xml
access-control-allow-origin: *
x-cache: Error from cloudfront
x-amz-cf-id: w8T6k45ykC7p_5AE4iZtFCz2OnDCU6REtj3myrhnoz40vbroeWdBcQ==

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame 25BE 0
0 101ms
100ms Document
text/html 99.86.243.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1602164100000/8z7ynkcdvg2s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-77.vie50.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.digitalshadows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.digitalshadows.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 894
server: nginx
last-modified: Mon, 05 Oct 2020 17:21:34 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Oct 2020 13:32:45 GMT
etag: "f25d28353ebd5e9e72f90c6b4a90dd6b"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 2ada7fef339aac482bc92d45b7dff5f8.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: fRDuKBrA2OVoXnAhkLaSkUXIsqAmnGbHRhM9RCDI-ot1RQt6ypxP0w==

GET
H2 403 DINOffc-Bold.woff
cihost.uberflip.com/digitalshadows/master/build/fonts/ Frame 044B 0
0 418ms
418ms Font
application/xml 2600:9000:203c:f600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Bold.woff
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:203c:f600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:45 GMT
via: 1.1 1f335ab2faaa6d3c09f24b13eee05a75.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: SOF50-C1
status: 403
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/xml
access-control-allow-origin: *
x-cache: Error from cloudfront
x-amz-cf-id: vZMqqMDmLuXNMFqx_o_w1T_MfA29UPEV2C-D9tMXQ0GKaX-fV_0ncQ==

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame ED04 0
0 36ms
35ms Document
text/html 99.86.243.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1602164100000/8z7ynkcdvg2s.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-77.vie50.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 894
server: nginx
last-modified: Mon, 05 Oct 2020 17:21:34 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Oct 2020 13:32:45 GMT
etag: "f25d28353ebd5e9e72f90c6b4a90dd6b"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 2ada7fef339aac482bc92d45b7dff5f8.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: HfCLr8ukp9l1_AHxSWM0Q9IwDo71U5U3Y2CO4tmHPbr8oNWygLwFjg==
age: 0

GET
H2 403 DINOffc-Bold.ttf
cihost.uberflip.com/digitalshadows/master/build/fonts/ Frame 044B 0
0 417ms
417ms Font
application/xml 2600:9000:203c:f600:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Bold.ttf
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:203c:f600:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Origin: https://resources.digitalshadows.com
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 13:32:45 GMT
via: 1.1 1f335ab2faaa6d3c09f24b13eee05a75.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: SOF50-C1
status: 403
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/xml
access-control-allow-origin: *
x-cache: Error from cloudfront
x-amz-cf-id: vRH2-XvcAqAxfZ1AK3jZSW9eORnLyfS_Npg-paQpiW3Es-OQT8GxCA==

POST
H2 200 analyze Show response
r2.visualwebsiteoptimizer.com/ 0
142 B 116ms
115ms XHR
application/javascript 35.221.11.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://r2.visualwebsiteoptimizer.com/analyze?_a=488285&_u=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnk=/tag-3d03671e935c4b62491aeddf5f8ef7c7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.221.11.9 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.11.221.35.bc.googleusercontent.com
Software: r2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.digitalshadows.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 200
date: Thu, 08 Oct 2020 13:32:49 GMT
content-encoding: gzip
server: r2
access-control-allow-origin: *
content-type: application/javascript; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j86&a=210584861&t=pageview&_s=1&dl=https%3A%2F%2Fwww.digitalshadows.com%2Fblog-and-research%2Frevisiting-typosquatting-and-the-2020-us-presidential-election%2F%3Fmkt_tok%3DeyJpIjoiTkdFNE1ETTFNVEl6TkRNMyIsInQiOiJFVENKMEJ4OGVkUVwvRGV1Uis5QmRCcnhCeldxT3VEXC84TE1ZZ3pSdkJxaFlZWU12ZXdRdWUxYkRhN0g4bkl0OXhVc0MzcnoydGNSV3ZjZ0FBN3l2aExMdzdlWU10UlRRcTdMUTAzTTZWZ1FTTFk4NzRJbFBsMmo0b1dNUUxKN2hwIn0%253D&ul=en-us&de=UTF-8&dt=Revisiting%20Typosquatting%20And%20The%202020%20US%20Presidential%20Election%20%7C%20Digital%20Shadows&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1136595026&gjid=262005576&cid=1845722624.1602163963&tid=UA-24205771-1&_gid=1828028530.1602163963&_r=1&gtm=2wg9u1PG934MV&z=1234305634

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.resources.digitalshadows.com/	1970-01-19 21:48:19	Name: __ar_v4 Value: %7CM2GUWUTBBJFFRJ7RPYG7FT%3A20201007%3A1%7CVD4NA2LPTRDHFCOWWLH536%3A20201007%3A1%7CDTU3QQ67CZHH7PXZJ5SXHH%3A20201007%3A1
.resources.digitalshadows.com/	1970-01-19 21:48:41	Name: __adroll_fpc Value: 0f6008cc80479db44933b356dfa3fa6b-1602163964190
.resources.digitalshadows.com/	1970-01-19 21:48:19	Name: _ufav Value: eb356a54db2d45e5998acb9c1109012e
resources.digitalshadows.com/	1970-01-20 06:33:55	Name: driftt_aid Value: e586999c-2cc6-41f1-9f9b-8f0bc73079b9
.digitalshadows.com/	1970-01-20 06:33:55	Name: _mkto_trk Value: id:457-XEY-671&token:_mch-digitalshadows.com-1602163964088-68030
.digitalshadows.com/	1970-01-19 21:49:46	Name: _vwo_uuid_v2 Value: D009AB25BB4CC999DC91C8FF030707E58\|1a8e6eedd4120ee42cb537cf8a97c8d1
.digitalshadows.com/	1970-01-19 13:02:44	Name: _gat_UA-24205771-1 Value: 1
.www.digitalshadows.com/	1970-01-19 21:48:19	Name: __ar_v4 Value: %7CM2GUWUTBBJFFRJ7RPYG7FT%3A20201007%3A1%7CVD4NA2LPTRDHFCOWWLH536%3A20201007%3A1%7CIANINNYENVANJHID2VKV5Q%3A20201007%3A1
.www.digitalshadows.com/	1970-01-19 21:48:41	Name: __adroll_fpc Value: ac8677a60751bee3b99222e347a85b88-1602163963589
.digitalshadows.com/	1970-01-19 13:04:10	Name: _gid Value: GA1.2.1828028530.1602163963
.resources.digitalshadows.com/	1970-01-19 13:02:47	Name: _ufas Value: 572d9321fd644fa890ee5959d389e096
.digitalshadows.com/	1970-01-19 15:12:19	Name: _vwo_ds Value: 3%3Aa_1%2Ct_1%3A0%241602163962%3A35.3162654%3A%3A29_1%2C28_1%2C24_1%2C21_1%2C20_1%2C19_1%2C18_1%2C17_1%2C11_1%2C10_1%3A4_1%2C3_1%3A1
.digitalshadows.com/	1970-01-19 13:02:45	Name: _vwo_sn Value: 0%3A1%3Ar2.visualwebsiteoptimizer.com%3A1%3A1
resources.digitalshadows.com/	1970-01-19 21:48:19	Name: uf_privacy_prefs Value: 1%7C1
.digitalshadows.com/	1970-01-20 06:33:55	Name: _ga Value: GA1.2.1845722624.1602163963
.digitalshadows.com/	1970-01-23 04:38:43	Name: _vwo_uuid Value: JBEBF2CB5761493283D43EE5E80EEED99
www.digitalshadows.com/	1970-01-20 06:33:55	Name: driftt_aid Value: 5f47829d-34e9-4b5b-9464-4e29edbe4510
resources.digitalshadows.com/	1969-12-31 23:59:59	Name: _MGZ_ Value: fh0hec438rbmusav60pcb1rqbo
.digitalshadows.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.digitalshadows.com/	1970-01-19 15:26:43	Name: _vis_opt_s Value: 1%7C

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/scripts/main.9e9c0b8ea451559a47b6.js(Line 29) Message: docready
console-api	warning	URL: https://content.cdntwrk.com/js/hubs/hubs_app.7c8c16b82e8711a126a3.js(Line 1) Message: UF: Pollyfill not needed for UFA, skipping.
console-api	log	(Line 48) Message: JQMIGRATE: Migrate is installed with logging active, version 3.0.1
console-api	warning	URL: https://cihost.uberflip.com/digitalshadows/master/build/onbrand.bundle.js(Line 7) Message: OB: Babel polyfill detected, Onbrand will not apply its own.
console-api	log	URL: https://www.digitalshadows.com/wp-content/themes/digital-shadows/assets_2019/scripts/main.9e9c0b8ea451559a47b6.js(Line 29) Message: docready
console-api	log	URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927(Line 1379) Message: [object Object]
console-api	log	URL: https://flipbot.uberflip.com/js/flipbot-v2.min.js?_=1602163962627(Line 1) Message: Flipbot > initializing...
console-api	log	URL: https://flipbot.uberflip.com/js/flipbot-v2.min.js?_=1602163962627(Line 1) Message: Flipbot > getStored: viewed
console-api	log	URL: https://flipbot.uberflip.com/js/flipbot-v2.min.js?_=1602163962627(Line 1) Message: Flipbot > getStored: sentCount
console-api	log	URL: https://flipbot.uberflip.com/js/flipbot-v2.min.js?_=1602163962627(Line 1) Message: Flipbot > getStored: ignoreMe
console-api	log	URL: https://flipbot.uberflip.com/js/flipbot-v2.min.js?_=1602163962627(Line 1) Message: Flipbot [CTA] > getStored: prevTime
console-api	log	URL: https://flipbot.uberflip.com/js/flipbot-v2.min.js?_=1602163962627(Line 1) Message: Flipbot [CTA] > getStored: vidyardViewed

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .marketo.com munchkin.marketo.net .google-analytics.com www.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net use.typekit.net https://js.driftt.com https://static.hotjar.com https://script.hotjar.com https://tagmanager.google.com .adroll.com https://d.adroll.mgr.consensu.org https://snap.licdn.com https://.visualwebsiteoptimizer.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .marketo.com .typekit.net unpkg.com https://tagmanager.google.com; img-src * data:; connect-src 'self' .marketo.com .mktoresp.com api.ipstack.com https://ipapi.co https://.hotjar.com: https://vc.hotjar.io:* wss://.hotjar.com https://.visualwebsiteoptimizer.com; child-src 'self' https://vars.hotjar.com; font-src 'self' data: fonts.gstatic.com use.typekit.net unpkg.com https://script.hotjar.com; form-action .marketo.com; frame-src resources.digitalshadows.com .marketo.com www.youtube.com www.slideshare.net w.soundcloud.com https://js.driftt.com https://vars.hotjar.com https://mitre-attack.github.io
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

457-xey-671.mktoresp.com
ads.yahoo.com
app-lon04.marketo.com
cdnjs.cloudflare.com
cihost.uberflip.com
cm.g.doubleclick.net
content.cdntwrk.com
d.adroll.com
d.adroll.mgr.consensu.org
dev.visualwebsiteoptimizer.com
dsum-sec.casalemedia.com
eb2.3lift.com
flipbot.uberflip.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
ipapi.co
js.driftt.com
lonrtp1-cdn.marketo.com
lonrtp1.marketo.com
munchkin.marketo.net
p.typekit.net
pixel.advertising.com
pixel.rubiconproject.com
px.ads.linkedin.com
r2.visualwebsiteoptimizer.com
resources.digitalshadows.com
rtp-static.marketo.com
s.adroll.com
simage2.pubmatic.com
snap.licdn.com
stackpath.bootstrapcdn.com
sync.outbrain.com
sync.taboola.com
unpkg.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
www.digitalshadows.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
www.google-analytics.com
104.109.95.62
104.111.239.158
104.16.95.80
134.213.193.62
141.226.228.48
162.13.202.201
172.217.18.162
18.158.113.203
185.33.220.240
185.64.189.110
209.197.3.15
23.111.9.35
23.210.248.216
23.210.249.164
2600:9000:203c:f600:12:53a8:95c0:93a1
2600:9000:2156:9000:9:91af:d140:93a1
2606:4700:20::681a:92c
2606:4700::6810:7baf
2606:4700::6811:4f6b
2620:1ec:21::14
2a00:1288:f03d:1fa::4000
2a00:1450:4001:802::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:81b::200a
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::2008
2a00:1450:4001:825::200a
2a01:4a0:1338:28::c38a:ff0b
2a02:26f0:10c:58e::25ea
2a02:26f0:10c:5a4::19fd
2a05:f500:11:101::b93f:9005
3.123.111.134
3.220.228.61
34.96.102.137
34.98.64.218
35.221.11.9
38.133.127.31
52.30.34.11
52.59.102.119
52.60.165.183
52.84.112.70
69.173.144.165
99.86.243.77
06a5a0a0364552ba2c4f005c5b1a10f96861bf173274e36ca74b6393857f84e3
07e488fc7ca98a10872edeac01b7baffc4ee033ba9dda67d1de361df52af331b
09fc85010c1f0f2baeb8b3ca5965ddb4e76bb09fd2746746eabfee710b59e586
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0d465ec0d8b0af3ae0c868b2846850adcd873264a2ae17fd5034b429986b96cb
0e599593de0c6e9970308b73ee132398a6574324c5b1e91205d657a213669867
12cb6f4a3c9fd0d20d99973654a5ee6a58e1e280a28327834a0a671370f9fded
1a231021862172f5390760b53c7a54eab8c6f50d27e7edaba3230827b2faad0d
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f7e0fc0541ef13ade8dfbd9de3a7e2a6d0d66f125a89a80e0f76d2a92f26306
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
286ee6abe696f417a4b0e7e7d515c93f57f3fe02d9736ce1c57f2f6d7eafe083
3101ddc4c642e7c965f0ab56c14e23e18100b336024d11aeb9cd6175812189be
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
35901d308b760b474f8f7682022c55ef5ad97a8cf7cee503eefcb422023b705a
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
37941a8cdaf360d9200a3eb065e9a63e89ef13403e8d8cfa51de3d4d52c0be58
423f10554d1e324ef22127d5667c16184bb7ee01f4b221fb673c4c59ec533c7e
44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
47036c6546adb51c4a0f5c80986edcdd0dacae68b27ea6456a1f7b923ee0cff7
490a471eb1956df4e31c8cb7d9e0d0d3062bd51e8a60b8f26b63cb7b50103501
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57cd1d26474ce5b3da3a5167accb4460197ae0e15a10d99dabb3e0ac35510bfc
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5f12c6deed58cb982f505fd5b79e62a96cc78cb2a22ed630542d7f70d695a5eb
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60fc67a10be4466a7e1fb9f50c8cb1c8303aca9e72344cbd5fdde7e15ce73002
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6720e7c06d90bcf38f0ae5c17205409563dc38f2e69f9b05c849af6a6f775334
74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595
79ab61b440cb1cb7263bb52dacc7475bd7c17b109163e32908c9f2dfe582ecdf
7bc1dc7d2a673a36a6e7b3d26c7fd8f5cc42d8b2d41a98e4de2a5ebdaaea9bf7
7bf8e19e00f44918d4bf6ccd7b66aec60c78f16478c9ac02d101439a17730cc1
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
7fb58f6c6c2c3b61909e3b4bb9e199d95d5e2a4e39b58f25d1a9894971ed16b9
81704139c08eaaf20aff12ec84e605dc3e87e004c10cd5628cdaeb0cdd070686
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88f8edf77adaf9164306cba3952f16b34f753ab92cc7aea9d904b9b25deb970f
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c
9f0e4453d18b39cc9b589c5f4796a052dd010b30cc59d787595a9b27e098300f
9f942cfe26179e7c55d2de1dfb1930f960a30610926f1f5d2026f294676400d7
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
b036e1dbcb509ddd7e2ce187b8661f0dcc75e6f76f8097dd02112c7ae1f259a6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e76934b27ab66f94944bd41df66c6dc40ac8014979f812537d4d15cd9f75be
b6308556e273c96cd00c4eb8748e66fc0bdd8e9ebabe55581469254aea9ed22d
b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608
b82a2dd43936317fee3dc469880686b83caab009d9e71a9953f25bbe8c1b34ae
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6fefa2c50d05ac6389702c57af20a5edae7da80be444ce0e2fb0e6d40e78c2
c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91
c74591a27b6b4f5daec206753f2264b33e9a722159264748b9e58376ce7b393b
cb8b52ad3dc7965f172bb0e5d2e3fdc4bf56898c5cdb702a1b4f25fcb5e30531
ce2eab0cad67171876a0fae4daecd644c0cf7805be51e4379430a96a1e213c1c
d0c6a55fbd3e75031909f5cb7bb05b561313edae55c5657e5435c8a9623adcb5
db4bc85105f4e31dbd24f36d3166b78151fb82bc6a1ea21e5a54e1e0983e4377
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80e5437b1391b696e7c70ffa5302c4d0dffe0b192120e77d435a5d271183fa9
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
eb23d5fd5964aa3c8843eeada38aa0858bfc504afc6f6426a8511a6dae17afda
eb29d9963dcf69cec96f9995c4da404e7ae28ca092b1c0b304133a31a57da81b
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b89ee54a3e408af81c6a27d35e9605d272b0d5ad1b11d80b38e3541dcbb160
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f24c51a94a931f1bdd7c3dacc9ebb3848305f5eb5a3feddf0b01227f6c778c17
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5a8b9abe2bcf3fda21ed177c7be0a68ee64f20890ec47f8e061f6ef9d5cdf14
f746556f2f71e2613911302a06abe9a4f09e54fe21969438505cecfc77f0d6ab
f944b22e1461799d83c6cd00156bfeba153f123acf677a86fe0bfd3fd8f0551a
fdb7e9c8e2eb0c5bf6bfe19ee4e835cb6274532b004547c80725fb0f909a83dd
fe73b01b5ce1a6a3a27e01685c699fb946032a9d2de1f45c69683b370b7df9d7

www.digitalshadows.com Open in urlscan Pro 2600:9000:2156:9000:9:91af:d140:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

146 Requests

99 %HTTPS

41 %IPv6

34 Domains

43 Subdomains

41 IPs

7 Countries

5733 kBTransfer

10359 kBSize

20 Cookies

19 Outgoing links

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.digitalshadows.com Open in urlscan Pro
2600:9000:2156:9000:9:91af:d140:93a1 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

99 %
HTTPS

41 %
IPv6

34
Domains

43
Subdomains

41
IPs

7
Countries

5733 kB
Transfer

10359 kB
Size

20
Cookies

146 HTTP transactions
0 data transactions