castellanbc.com Open in urlscan Pro
35.225.35.51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.assurancesoftware.com/
Effective URL:
https://castellanbc.com/
Submission: On July 21 via api (July 21st 2021, 9:42:54 pm UTC) from US

Summary HTTP 193 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 37 IPs in 3 countries across 31 domains to perform 193 HTTP transactions. The main IP is 35.225.35.51, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is castellanbc.com.
TLS certificate: Issued by R3 on July 20th 2021. Valid for: 3 months.

This is the only time castellanbc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:2c40::c7... 2606:2c40::c73c:67e1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
29	35.225.35.51 35.225.35.51	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
64	143.204.205.19 143.204.205.19	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a04:4e42:3::622 2a04:4e42:3::622	54113 (FASTLY) (FASTLY)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:72b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	54.86.117.43 54.86.117.43	14618 (AMAZON-AES) (AMAZON-AES)
2	52.6.75.166 52.6.75.166	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
19	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	13.226.145.38 13.226.145.38	16509 (AMAZON-02) (AMAZON-02)
2	34.234.150.139 34.234.150.139	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
2	3.221.103.232 3.221.103.232	14618 (AMAZON-AES) (AMAZON-AES)
193	37

1 2606:2c40::c73c:67e1 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.assurancesoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 35.225.35.51 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 51.35.225.35.bc.googleusercontent.com

castellanbc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 143.204.205.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-19.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a04:4e42:3::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

embed-fastly.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.86.117.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-117-43.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.75.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-75-166.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customer.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flow.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-38.dus51.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.234.150.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-150-139.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.221.103.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-103-232.compute-1.amazonaws.com

fg8vvsvnieiv3ej16jby.litix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	driftt.com js.driftt.com	830 KB
29	castellanbc.com castellanbc.com	469 KB
21	drift.com metrics.api.drift.com bootstrap.api.drift.com customer.api.drift.com targeting.api.drift.com event.api.drift.com flow.api.drift.com	6 KB
21	wistia.net fast.wistia.net	522 KB
6	wistia.com embed-fastly.wistia.com distillery.wistia.com pipedream.wistia.com	35 KB
6	google-analytics.com www.google-analytics.com	58 KB
4	hubspot.com track.hubspot.com forms.hubspot.com	4 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	typekit.net use.typekit.net	189 KB
4	googletagmanager.com www.googletagmanager.com	172 KB
3	gstatic.com fonts.gstatic.com	43 KB
3	google.de www.google.de	324 B
3	google.com www.google.com	324 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	32 KB
2	litix.io fg8vvsvnieiv3ej16jby.litix.io	172 B
2	sentry.io sentry.io	806 B
2	licdn.com snap.licdn.com	5 KB
1	imgix.net driftt.imgix.net	1 KB
1	driftcdn.com embeds.driftcdn.com	7 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	hubapi.com api.hubapi.com	947 B
1	hs-analytics.net js.hs-analytics.net	20 KB
1	hs-banner.com js.hs-banner.com	16 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hsleadflows.net js.hsleadflows.net	85 KB
1	zoominfo.com ws.zoominfo.com	491 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com	16 KB
1	jsdelivr.net cdn.jsdelivr.net	8 KB
1	hs-scripts.com js.hs-scripts.com	990 B
1	assurancesoftware.com 1 redirects www.assurancesoftware.com	867 B
193	31

	Domain	Requested by
64	js.driftt.com	castellanbc.com js.driftt.com
29	castellanbc.com	castellanbc.com
21	fast.wistia.net	castellanbc.com fast.wistia.net
6	targeting.api.drift.com	js.driftt.com
6	metrics.api.drift.com	js.driftt.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com castellanbc.com
4	use.typekit.net	castellanbc.com
4	www.googletagmanager.com	castellanbc.com www.googletagmanager.com js.hsadspixel.net
3	fonts.gstatic.com	fonts.googleapis.com
3	bootstrap.api.drift.com	js.driftt.com
3	track.hubspot.com
3	www.google.de	castellanbc.com
3	www.google.com	castellanbc.com
2	fg8vvsvnieiv3ej16jby.litix.io	fast.wistia.net
2	flow.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	customer.api.drift.com	js.driftt.com
2	fonts.googleapis.com	js.driftt.com
2	sentry.io	js.driftt.com
2	pipedream.wistia.com	fast.wistia.net
2	distillery.wistia.com	fast.wistia.net
2	embed-fastly.wistia.com	castellanbc.com
2	px.ads.linkedin.com	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	snap.licdn.com	www.googletagmanager.com js.hsadspixel.net
1	driftt.imgix.net	js.driftt.com
1	embeds.driftcdn.com	js.driftt.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubapi.com	js.hsadspixel.net
1	px4.ads.linkedin.com	castellanbc.com
1	www.linkedin.com	1 redirects
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	ws.zoominfo.com	castellanbc.com
1	stackpath.bootstrapcdn.com	castellanbc.com
1	cdn.jsdelivr.net	castellanbc.com
1	js.hs-scripts.com	castellanbc.com
1	ajax.googleapis.com	castellanbc.com
1	www.assurancesoftware.com	1 redirects
193	43

This site contains links to these domains. Also see Links.

Domain
www.amazon.com
www.continuitycentral.com
www.bcmanagement.com
support.castellanbc.com
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
castellanbc.com R3	`2021-07-20` - `2021-10-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-03` - `2021-11-07`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
embed-fastly.wistia.com R3	`2021-05-27` - `2021-08-25`	3 months	crt.sh
*.wistia.com Amazon	`2021-04-01` - `2022-04-30`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.litix.io Amazon	`2020-11-27` - `2021-12-26`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://castellanbc.com/
Frame ID: FCCCCA4B7406D189573727282EAE1437
Requests: 71 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/xki0gtnig4
Frame ID: 249ACB5A896854010ACA338A58C42230
Requests: 14 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/xki0gtnig4
Frame ID: D60F3B500F0E80B1412487F412CE2139
Requests: 15 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
Frame ID: 8691A491411C2BFF913401BAD125C572
Requests: 44 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
Frame ID: F01AED856667B7961D00C2925609C590
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.assurancesoftware.com/ HTTP 301
https://castellanbc.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

193
Requests

100 %
HTTPS

69 %
IPv6

31
Domains

43
Subdomains

37
IPs

3
Countries

2544 kB
Transfer

7713 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.com/dp/1735943525
Title: BCOS BookA practical and innovative guide to business continuity success.

Search URL Search Domain Scan URL

URL: https://www.continuitycentral.com/
Title: Continuity CentralThe international news and information portal for all things business continuity.

Search URL Search Domain Scan URL

URL: https://www.bcmanagement.com/
Title: BC ManagementOur international executive search firm for business continuity professionals.

Search URL Search Domain Scan URL

URL: https://support.castellanbc.com/cssp
Title: Support Login

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/castellan-solutions/

Search URL Search Domain Scan URL

URL: https://twitter.com/Castellan_BC

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.assurancesoftware.com/ HTTP 301
https://castellanbc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2586946&time=1626903754516&url=https%3A%2F%2Fcastellanbc.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2586946%26time%3D1626903754516%26url%3Dhttps%253A%252F%252Fcastellanbc.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2586946&time=1626903754516&url=https%3A%2F%2Fcastellanbc.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2586946&time=1626903754516&url=https%3A%2F%2Fcastellanbc.com%2F&liSync=true&e_ipv6=AQLITtuiPSxszAAAAXrLBTnsYFykmOZXilbu_UfXG6pIYHg4r4YVHpVOULnm9jcJVn0TogC7

193 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
castellanbc.com/
Redirect Chain

https://www.assurancesoftware.com/
https://castellanbc.com/

68 KB
17 KB

563ms
160ms

Document
text/html

35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: bdbc0662eaea08ee895735b67191d1e12382befb51dbe1130bf2eb7aa71067af

Request headers

:method: GET
:authority: castellanbc.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Wed, 21 Jul 2021 21:42:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 2
x-cache-group: normal
content-encoding: br

Redirect headers

date: Wed, 21 Jul 2021 21:42:32 GMT
location: https://castellanbc.com/
cf-ray: 6727997fcbec2c42-FRA
cache-control: no-transform, max-age=120
expires: Wed, 21 Jul 2021 21:44:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: EXPIRED
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hs-mapping-id: 46990129214
x-hs-mapping-only-after-not-found: no
x-hs-route-prefix: http://www.assurancesoftware.com
x-hubspot-correlation-id: 25531056-217e-42d2-9b4f-55473d94b69f
x-trace: 2BC4FC44EC6FE2D5CFA77F21A2EE00765A62569F47000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVP8GauNE8avblZvL6eEKaMVq3GW%2FhDJSdG9gPHscsrbrolBpaGMmUBeLEa6V96ngPwBUMu3iVnyoQp5uCvyT6apGXn781TjQl8TYQ3VBCOKeapTGuPUw3UoCFVKgcWK%2Fea7%2BqFasrQVpxJYEtB%2BNki4CRjB210%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=d17dcf001c4baccf65520ac6eb98732b49a2f339-1626903752; path=/; domain=.www.assurancesoftware.com; HttpOnly; Secure; SameSite=None
server: cloudflare

GET
H2 200 7u3lq.css
castellanbc.com/wp-content/cache/wpfc-minified/963cyvz3/ 508 KB
72 KB 161ms
158ms Stylesheet
text/css 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://castellanbc.com/wp-content/cache/wpfc-minified/963cyvz3/7u3lq.css
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 308e58fd030a351ff424b67df4719411282295af305ff518e5d8f7488993fc7f

Request headers

:path: /wp-content/cache/wpfc-minified/963cyvz3/7u3lq.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
last-modified: Fri, 16 Jul 2021 08:50:32 GMT
server: nginx
etag: W/"60f14858-7efc7"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver=5.7.2

Requested by

Host: castellanbc.com
URL: https://castellanbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 08:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 08:26:43 GMT

GET
H2 200 7u3lq.js Show response
castellanbc.com/wp-content/cache/wpfc-minified/32q7npri/ 38 KB
10 KB 160ms
158ms Script
application/javascript 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://castellanbc.com/wp-content/cache/wpfc-minified/32q7npri/7u3lq.js
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1b847f4bf1caae6158442264fd20a70d33a367422f383f8d399ad5a9866f59bd

Request headers

:path: /wp-content/cache/wpfc-minified/32q7npri/7u3lq.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
last-modified: Fri, 16 Jul 2021 08:50:32 GMT
server: nginx
etag: W/"60f14858-964b"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 Blog-Exercises-in-Resiliency-198x124.jpeg
castellanbc.com/wp-content/uploads/2021/06/ 6 KB
7 KB 137ms
137ms Image
image/jpeg 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2021/06/Blog-Exercises-in-Resiliency-198x124.jpeg
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: db29d22df6af3730e903c9fda7ffcea7acf6a4f23adbf121c5b9911536f626fa

Request headers

:path: /wp-content/uploads/2021/06/Blog-Exercises-in-Resiliency-198x124.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 30 Jun 2021 20:34:46 GMT
server: nginx
etag: "60dcd566-1980"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6528

GET
H2 200 Blog-Event-Impact-198x124.jpeg
castellanbc.com/wp-content/uploads/2021/06/ 9 KB
9 KB 154ms
146ms Image
image/jpeg 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2021/06/Blog-Event-Impact-198x124.jpeg
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 219ed77df33493466237a6ece4533ff51dd85ac0fa4ed6e9c97b8d82dcdb6e9e

Request headers

:path: /wp-content/uploads/2021/06/Blog-Event-Impact-198x124.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:50 GMT
server: nginx
etag: "60d3ad6e-23a7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 9127

GET
H2 200 usflag.png
castellanbc.com/wp-content/uploads/flags/ 4 KB
4 KB 156ms
148ms Image
image/png 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/flags/usflag.png
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9d8c0dc9ba43c853fa895eb086b4cfec87f94fe30fcacdd025fb50bcb3c70877

Request headers

:path: /wp-content/uploads/flags/usflag.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:50 GMT
server: nginx
etag: "60d3ad6e-e6e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3694

GET
H2 200 kroger.svg
castellanbc.com/wp-content/uploads/2020/10/ 3 KB
1 KB 158ms
151ms Image
image/svg+xml 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2020/10/kroger.svg
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 88887e72aef86d2096619a3a52ae50dddb1866d7a386a432b775c4518937f809

Request headers

:path: /wp-content/uploads/2020/10/kroger.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
last-modified: Wed, 23 Jun 2021 21:53:54 GMT
server: nginx
etag: W/"60d3ad72-bfb"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 HCA.png
castellanbc.com/wp-content/uploads/2020/10/ 3 KB
4 KB 161ms
154ms Image
image/png 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2020/10/HCA.png
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 74048008ef95f248fc0a89430cb0979a5c2eaed7869ba722f8acada4649172e1

Request headers

:path: /wp-content/uploads/2020/10/HCA.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:54 GMT
server: nginx
etag: "60d3ad72-d71"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3441

GET
H2 200 Metro_police.png
castellanbc.com/wp-content/uploads/2020/10/ 3 KB
3 KB 164ms
156ms Image
image/png 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2020/10/Metro_police.png
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 07c2f2313bf7914e20e2b5efaf27e4843a872a1b2cd81ffc067231be215f32e5

Request headers

:path: /wp-content/uploads/2020/10/Metro_police.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:53 GMT
server: nginx
etag: "60d3ad71-b13"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2835

GET
H2 200 keybank.png
castellanbc.com/wp-content/uploads/2020/10/ 2 KB
2 KB 166ms
159ms Image
image/png 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2020/10/keybank.png
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 509b92c5e60e238dad7c43481ec3d21dc152dbeb0f37dcc6f25e59eec1907354

Request headers

:path: /wp-content/uploads/2020/10/keybank.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:53 GMT
server: nginx
etag: "60d3ad71-84c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2124

GET
H2 200 rsa.png
castellanbc.com/wp-content/uploads/2020/10/ 3 KB
3 KB 169ms
162ms Image
image/png 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2020/10/rsa.png
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 382c9c9e15509d4218042396db4f822f91b597579dd7e8e6fd6629e816f51f2f

Request headers

:path: /wp-content/uploads/2020/10/rsa.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:53 GMT
server: nginx
etag: "60d3ad71-cdc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3292

GET
H2 200 dakota.png
castellanbc.com/wp-content/uploads/2020/10/ 3 KB
3 KB 174ms
167ms Image
image/png 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2020/10/dakota.png
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fa0fceb5b317e83fa2891fa73c495a1c02b6dd55f6a13de1e5466deed2c7a67d

Request headers

:path: /wp-content/uploads/2020/10/dakota.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:53 GMT
server: nginx
etag: "60d3ad71-d24"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3364

GET
H2 200 NandEagle-Vert-Tagline-mono.png
castellanbc.com/wp-content/uploads/2021/03/ 3 KB
3 KB 176ms
170ms Image
image/png 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2021/03/NandEagle-Vert-Tagline-mono.png
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6dfd4cb135b7606de63844168312dc34df31c6b0a256258315f9afde5001f179

Request headers

:path: /wp-content/uploads/2021/03/NandEagle-Vert-Tagline-mono.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:51 GMT
server: nginx
etag: "60d3ad6f-a87"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2695

GET
H2 200 Awards-Gartner_366x70.png
castellanbc.com/wp-content/uploads/2020/10/ 1 KB
2 KB 176ms
170ms Image
image/png 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2020/10/Awards-Gartner_366x70.png
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8ef03654dd60e5166c6bae1478132437ecfd0182daa6619a9506b7fd3a84306c

Request headers

:path: /wp-content/uploads/2020/10/Awards-Gartner_366x70.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:53 GMT
server: nginx
etag: "60d3ad71-558"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1368

GET
H2 200 Awards-CIR_366x70-e1603399439673.png
castellanbc.com/wp-content/uploads/2020/10/ 2 KB
2 KB 179ms
173ms Image
image/png 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2020/10/Awards-CIR_366x70-e1603399439673.png
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 564c4f5d8680a003bca270d6e838a262a1cef74ed915b4a28ba4bbc7db2f1d09

Request headers

:path: /wp-content/uploads/2020/10/Awards-CIR_366x70-e1603399439673.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:53 GMT
server: nginx
etag: "60d3ad71-8b6"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2230

GET
H2 200 Awards-BCI_366x70.png
castellanbc.com/wp-content/uploads/2020/10/ 3 KB
3 KB 181ms
175ms Image
image/png 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2020/10/Awards-BCI_366x70.png
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c4e4bef16ed551469cb66ec4e4a4402ce830dd400214f91a428af180a81e07ed

Request headers

:path: /wp-content/uploads/2020/10/Awards-BCI_366x70.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:53 GMT
server: nginx
etag: "60d3ad71-ba5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2981

GET
H2 200 Awards-DRI_366x70-e1603399401474.png
castellanbc.com/wp-content/uploads/2020/10/ 2 KB
2 KB 184ms
178ms Image
image/png 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2020/10/Awards-DRI_366x70-e1603399401474.png
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 27f8d921ce2c6f867fe1a21f44677e808b7b187e928f5d1f90f1e656bef5d3c6

Request headers

:path: /wp-content/uploads/2020/10/Awards-DRI_366x70-e1603399401474.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:53 GMT
server: nginx
etag: "60d3ad71-6e6"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1766

GET
H2 200 footer-logo.svg
castellanbc.com/wp-content/themes/castellan/images/ 1 KB
865 B 189ms
183ms Image
image/svg+xml 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/themes/castellan/images/footer-logo.svg
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 88c3e38c6cff216228fd1c9a8478ffcbdf104acc9cacc3682cab50b3b00f569f

Request headers

:path: /wp-content/themes/castellan/images/footer-logo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
last-modified: Wed, 23 Jun 2021 21:53:54 GMT
server: nginx
etag: W/"60d3ad72-503"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 7u3lq.css
castellanbc.com/wp-content/cache/wpfc-minified/76wxaypz/ 5 KB
2 KB 206ms
205ms Stylesheet
text/css 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://castellanbc.com/wp-content/cache/wpfc-minified/76wxaypz/7u3lq.css
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ae5b54c8b1fafb572a40451773558ca90e171cb1e5c89053e592d490bee9b6e8

Request headers

:path: /wp-content/cache/wpfc-minified/76wxaypz/7u3lq.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
last-modified: Fri, 16 Jul 2021 08:50:32 GMT
server: nginx
etag: W/"60f14858-15b9"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 coblocks-animation.js Show response
castellanbc.com/wp-content/plugins/coblocks/dist/js/ 1 KB
863 B 189ms
184ms Script
application/javascript 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://castellanbc.com/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=2.13.0
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6be7095fc7b4ccf33a454343009429cda6343ba3c32bb05f1c33a0f242ee2888

Request headers

:path: /wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=2.13.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
last-modified: Thu, 08 Jul 2021 22:15:35 GMT
server: nginx
etag: W/"60e77907-550"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-polyfill.min.js Show response
castellanbc.com/wp-includes/js/dist/vendor/ 97 KB
34 KB 137ms
136ms Script
application/javascript 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://castellanbc.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

:path: /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
last-modified: Wed, 23 Jun 2021 21:53:47 GMT
server: nginx
etag: W/"60d3ad6b-183ee"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 index.js Show response
castellanbc.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 194ms
189ms Script
application/javascript 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://castellanbc.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
last-modified: Wed, 23 Jun 2021 21:53:59 GMT
server: nginx
etag: W/"60d3ad77-34ad"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 2224760.js Show response
js.hs-scripts.com/ 2 KB
990 B 428ms
406ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2224760.js?integration=WordPress
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4967060fc7ffe95133ff25c8a693d695ebb5a39abb2868dc3546f022d45b8b58

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-hubspot-correlation-id: a4c13462-6bc9-4859-8b65-8636fc327759
x-trace: 2B7E83E37974CC6449C22ED623AE7F1C862DC22027000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://castellanbc.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6727998bfefb2b41-FRA
expires: Wed, 21 Jul 2021 21:43:33 GMT

GET
H2 200 wpcf7-redirect-frontend-script.js Show response
castellanbc.com/wp-content/plugins/wpcf7-redirect/build/js/ 8 KB
2 KB 195ms
189ms Script
application/javascript 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://castellanbc.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7-redirect-frontend-script.js?ver=1.1
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c4f1a413e47f90162ead328b5fe465ece8c0e32a1625bce9598d76c420a92f32

Request headers

:path: /wp-content/plugins/wpcf7-redirect/build/js/wpcf7-redirect-frontend-script.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
last-modified: Wed, 23 Jun 2021 21:53:54 GMT
server: nginx
etag: W/"60d3ad72-1fe4"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 21 KB
8 KB 23ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js?ver=5.7.2

Requested by

Host: castellanbc.com
URL: https://castellanbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3702753
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7510
etag: W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
x-served-by: cache-fra19168-FRA
date: Wed, 21 Jul 2021 21:42:33 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 59 KB
16 KB 23ms
18ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js?ver=5.7.2

Requested by

Host: castellanbc.com
URL: https://castellanbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 6035299
cdn-cachedat: 2021-05-13 00:30:08
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2cceb571bef8017d7433de39a600331b
cf-ray: 6727998bd98f4e74-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.main.js Show response
castellanbc.com/wp-content/themes/castellan/js/ 132 KB
27 KB 196ms
191ms Script
application/javascript 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://castellanbc.com/wp-content/themes/castellan/js/jquery.main.js?ver=5.7.2
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 38506f63d5c7176318d508ef5f7b2ec70f9652f9594c5e50118e10474e5f29c4

Request headers

:path: /wp-content/themes/castellan/js/jquery.main.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
last-modified: Mon, 19 Jul 2021 11:29:25 GMT
server: nginx
etag: W/"60f56215-20e1a"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
castellanbc.com/wp-includes/js/ 1 KB
947 B 196ms
192ms Script
application/javascript 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://castellanbc.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
last-modified: Wed, 23 Jun 2021 21:53:46 GMT
server: nginx
etag: W/"60d3ad6a-592"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 131 KB
48 KB 37ms
32ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8QNQ2K

Requested by

Host: castellanbc.com
URL: https://castellanbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9f78242449e559aa41ab44f9f2f9c8ebba706ad1cdd306022d8c7dc883e50d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49229
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jul 2021 21:42:33 GMT

GET
H2 200 p8i9ickv3rh6.js Show response
js.driftt.com/include/1626903900000/ 214 KB
61 KB 227ms
157ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1626903900000/p8i9ickv3rh6.js

Requested by

Host: castellanbc.com
URL: https://castellanbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

130d181d036804847e37ccd2d1e5b5c7a00d825289231a5eb8e88b3678bec328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 20 Jul 2021 20:31:25 GMT
server: nginx
etag: W/"6b732dfac50488f76037737f30dd9fe2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: YMPUJJMWF5PTTcsbLps6fC5rXhot_zxL
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UpMLpFJrViIGHLuNh_DNSIqD80HGcLLFSwLTnzS9QWV1rcQ94lBqLg==

GET
H2 200 BVUgdyfbgx0N90TnfW0J Show response
ws.zoominfo.com/pixel/ 0
491 B 199ms
174ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/BVUgdyfbgx0N90TnfW0J

Requested by

Host: castellanbc.com
URL: https://castellanbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6727998c0f3f4ece-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0

GET
H2 200 xki0gtnig4 Show response
fast.wistia.net/embed/iframe/ Frame 249A 10 KB
3 KB 26ms
5ms Document
text/html 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/xki0gtnig4

Requested by

Host: castellanbc.com
URL: https://castellanbc.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32e5cc9f00c007299949d47a027fd6708abdacd5a9b2ad6ef4b2bccf5116b852

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: fast.wistia.net
:scheme: https
:path: /embed/iframe/xki0gtnig4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://castellanbc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://castellanbc.com/

Response headers

access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: text/html; charset=utf-8
etag: W/"32e5cc9f00c007299949d47a027fd670"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 8a4a248b14b6aa6ec34cd9baace0d2a4
x-runtime: 0.071797
accept-ranges: bytes
date: Wed, 21 Jul 2021 21:42:33 GMT
age: 27567
x-served-by: cache-dca17776-DCA, cache-fra19181-FRA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1626903754.595814,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: chrome
x-browser-version: 89
content-length: 2977

GET
H2 200 Home_Header.jpg
castellanbc.com/wp-content/uploads/2020/10/ 44 KB
44 KB 207ms
206ms Image
image/jpeg 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2020/10/Home_Header.jpg
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3d3802482a697e665f7ca4c59cda76aafe908748b01335a3689991ce1b4fdef6

Request headers

:path: /wp-content/uploads/2020/10/Home_Header.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:54 GMT
server: nginx
etag: "60d3ad72-aedc"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 44764

GET
H2 200 Home_About-Us-Img.jpg
castellanbc.com/wp-content/uploads/2020/10/ 72 KB
72 KB 238ms
238ms Image
image/jpeg 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2020/10/Home_About-Us-Img.jpg
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c8aa708ff62a77e246435d69388ce7c198e787299c75af8b317b55b2538041b2

Request headers

:path: /wp-content/uploads/2020/10/Home_About-Us-Img.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:53 GMT
server: nginx
etag: "60d3ad71-11ef9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 73465

GET
H2 200 Cover-Image-BC-Business-Case.jpg
castellanbc.com/wp-content/uploads/2021/03/ 130 KB
130 KB 237ms
237ms Image
image/jpeg 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://castellanbc.com/wp-content/uploads/2021/03/Cover-Image-BC-Business-Case.jpg
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dcbc8cb6af046ec7ecac13536c24d091d0eb0717646765404fb94552d12d4f63

Request headers

:path: /wp-content/uploads/2021/03/Cover-Image-BC-Business-Case.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: castellanbc.com
referer: https://castellanbc.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:51 GMT
server: nginx
etag: "60d3ad6f-20841"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 133185

GET
H2 200 l
use.typekit.net/af/24953d/00000000000000003b9b3f2b/27/ 60 KB
60 KB 252ms
238ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/24953d/00000000000000003b9b3f2b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/wp-content/cache/wpfc-minified/963cyvz3/7u3lq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: febc1b8a74870a853e0e9690945d214bf233ea868b75a8cccc304960c79fdc8c

Request headers

Origin: https://castellanbc.com
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
server: nginx
etag: "e1a75389cbabe39c80b93758d4a0cde175e1bdaf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 61220

GET
H2 200 icomoon.ttf
castellanbc.com/wp-content/themes/castellan/fonts/ 4 KB
4 KB 167ms
164ms Font
application/octet-stream 35.225.35.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://castellanbc.com/wp-content/themes/castellan/fonts/icomoon.ttf?n6lnkc
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/wp-content/cache/wpfc-minified/963cyvz3/7u3lq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.225.35.51 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.35.225.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 80e7ee7ede5a4db71238c4edcb7bbf74b92b57ee85e396b10a32c30207045a50

Request headers

:path: /wp-content/themes/castellan/fonts/icomoon.ttf?n6lnkc
pragma: no-cache
origin: https://castellanbc.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: castellanbc.com
referer: https://castellanbc.com/wp-content/cache/wpfc-minified/963cyvz3/7u3lq.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://castellanbc.com
Referer: https://castellanbc.com/wp-content/cache/wpfc-minified/963cyvz3/7u3lq.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
last-modified: Wed, 23 Jun 2021 21:53:54 GMT
server: nginx
etag: "60d3ad72-f70"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3952

GET
H2 200 l
use.typekit.net/af/9985f4/00000000000000003b9b01fe/27/ 31 KB
31 KB 32ms
19ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9985f4/00000000000000003b9b01fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/wp-content/cache/wpfc-minified/963cyvz3/7u3lq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: cea54b3bd16fab4ddc5e71278ef7817b674023c0ffa7c9e1d4ab82df53d1a652

Request headers

Origin: https://castellanbc.com
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
server: nginx
etag: "cf2a145a1e6f8ec088106d6960f264bc2dd5e6e3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31948

GET
H2 200 l
use.typekit.net/af/df5f8f/00000000000000003b9b0200/27/ 33 KB
33 KB 28ms
16ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/df5f8f/00000000000000003b9b0200/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/wp-content/cache/wpfc-minified/963cyvz3/7u3lq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 22baf8c26d5e2dd5944258e859b2ddb157e0d7f6d042ff8e7884a62b544bd274

Request headers

Origin: https://castellanbc.com
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
server: nginx
etag: "d84c3da29975f148a76a0be8d6731ba3970023da"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33480

GET
H2 200 l
use.typekit.net/af/e11540/00000000000000003b9b3f2a/27/ 64 KB
65 KB 23ms
11ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e11540/00000000000000003b9b3f2a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/wp-content/cache/wpfc-minified/963cyvz3/7u3lq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7df27ff3f4dcac385073e4a1c16d0e10faecd3611e63c2ce56e3fa88f99badbe

Request headers

Origin: https://castellanbc.com
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:33 GMT
server: nginx
etag: "f6acf9072b8977c63d375333a9999065996fdd86"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 65844

GET
H2 200 xki0gtnig4 Show response
fast.wistia.net/embed/iframe/ Frame D60F 10 KB
3 KB 6ms
6ms Document
text/html 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/xki0gtnig4

Requested by

Host: castellanbc.com
URL: https://castellanbc.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32e5cc9f00c007299949d47a027fd6708abdacd5a9b2ad6ef4b2bccf5116b852

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: fast.wistia.net
:scheme: https
:path: /embed/iframe/xki0gtnig4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://castellanbc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://castellanbc.com/

Response headers

access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: text/html; charset=utf-8
etag: W/"32e5cc9f00c007299949d47a027fd670"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 8a4a248b14b6aa6ec34cd9baace0d2a4
x-runtime: 0.071797
accept-ranges: bytes
date: Wed, 21 Jul 2021 21:42:34 GMT
age: 27567
x-served-by: cache-dca17776-DCA, cache-fra19181-FRA
x-cache: HIT, HIT
x-cache-hits: 2, 2
x-timer: S1626903754.094105,VS0,VE0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: chrome
x-browser-version: 89
content-length: 2977

GET
H2 200 insideIframe.js Show response
fast.wistia.net/assets/external/ Frame 249A 14 KB
3 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/xki0gtnig4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cc682405da0c791261459c0e66f97a4c4c0226dcf0e5fed4cf9306d0f3f1e7cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
age: 910
x-cache: HIT, HIT
content-length: 3271
x-served-by: cache-dca12920-DCA, cache-fra19181-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 18:45:59 GMT
x-timer: S1626903754.236778,VS0,VE0
etag: "60f86b67-cc7"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 6

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 474 KB
85 KB 894ms
873ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2224760.js?integration=WordPress
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17c7e09d9fe7d9c61cc885e9d053de58fafb62a5140b04984c71bbe159301338

Request headers

Origin: https://castellanbc.com
Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:35 GMT
via: 1.1 98e30e5953336545df428a8f5923a289.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: MISS
x-amz-cf-pop: IAD89-C3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1035/bundle/main/lead-flows-release.js&cfRay=672799906f69d6cd-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 672799906f69d6cd-FRA
last-modified: Wed, 21 Jul 2021 03:45:33 UTC
server: cloudflare
etag: W/"47b28ae8fd0bd675890aecdb6c642f6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: xeFySbcGH2DZm4AVMZRI0AvG7v40l60B
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 5Pd_wlQL3DOaQqwJC-cIGBUIRjiybbIAicsCwMlrSlaQJiFZj6yuAA==
x-hs-target-asset: lead-flows-js/static-1.1035/bundle/main/lead-flows-release.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 42ms
16ms Script
application/javascript 2606:4700::6811:72b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2224760.js?integration=WordPress
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c91959cba13f585a90c75338d4648c4a85ba1fa37bebc831ddc5570bb31b553

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
via: 1.1 91541e88a15c80bced2ffb950f407c1e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 222
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.239/bundles/pixels-release.js&cfRay=67279423ea93d6d1-EWR
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Wed, 21 Jul 2021 02:37:54 UTC
server: cloudflare
etag: W/"e44498e40f8702c62c71cd0534a32a9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: g5yPrf7s3oYLkRu1P6pmcpnvL8S03uLm
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 672799906ad13237-FRA
x-amz-cf-id: B_WmPUU7PasZI6lOD9rkXjcTZnNi_GFQRgn7VBj8gdFJcmy6qfLzZA==
x-hs-target-asset: adsscriptloaderstatic/static-1.239/bundles/pixels-release.js

GET
H2 200 2224760.js Show response
js.hs-banner.com/ 62 KB
16 KB 411ms
385ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2224760.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2224760.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d66bedb4dbdae6be999443f14a59f95d1b80ac3928eaefe9d3c7a2b49902c11

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 504Z0GNSMF1M98BZ
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: jjBnvLubsQF4oFw+tm4Qs/S6cMPUEl2cd7gYV6+HbpCdYYwywYG4bFB3Zl8UIjVECki8mtBCzQE=
timing-allow-origin: *
last-modified: Wed, 14 Jul 2021 14:29:59 GMT
server: cloudflare
etag: W/"2744712a823fbfb590e4a2a786a42723"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: IglMWAAWFp2W1liY._8pa4CIvIVfBDKY
access-control-allow-origin: https://castellanbc.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 672799906bf24e3e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 21 Jul 2021 21:47:34 GMT

GET
H2 200 2224760.js Show response
js.hs-analytics.net/analytics/1626903600000/ 62 KB
20 KB 177ms
152ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1626903600000/2224760.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2224760.js?integration=WordPress
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 537e7eeb038fd2ccde897feb1355b6f15435578f44e20dbca59bb6a9384a4864

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: GE48299M7Q9F77MB
x-amz-server-side-encryption: AES256
cf-ray: 6727999069812b89-FRA
x-amz-id-2: 5hn15pynNghvrlzsHszQvPulp92EYvsEW3XCTaRGQIdV5D+MtvXU0ppn2DE1IVH1NiufjHyqvA4=
last-modified: Wed, 21 Jul 2021 15:10:40 GMT
server: cloudflare
etag: W/"cb240076410bc4db87f5d4b68ecdfac8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 21 Jul 2021 21:47:34 GMT

GET
H2 200 insideIframe.js Show response
fast.wistia.net/assets/external/ Frame D60F 14 KB
3 KB 8ms
5ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/xki0gtnig4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cc682405da0c791261459c0e66f97a4c4c0226dcf0e5fed4cf9306d0f3f1e7cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
age: 910
x-cache: HIT, HIT
content-length: 3271
x-served-by: cache-dca12920-DCA, cache-fra19181-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 18:45:59 GMT
x-timer: S1626903754.307413,VS0,VE0
etag: "60f86b67-cc7"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 7

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ Frame 249A 599 KB
113 KB 7ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/xki0gtnig4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7d551e02c1b2aa885b9a7a5d1ce56556d8d020ab282fb26e59d70975a60f93e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
age: 910
x-cache: HIT, HIT
content-length: 115407
x-served-by: cache-dca17770-DCA, cache-fra19181-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 18:45:59 GMT
x-timer: S1626903754.310468,VS0,VE0
etag: "60f86b67-1c2cf"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 11

GET
H2 200 swatch
fast.wistia.net/embed/medias/xki0gtnig4/ Frame 249A 2 KB
3 KB 17ms
17ms Image
image/jpeg 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/xki0gtnig4/swatch

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/xki0gtnig4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45ccd4e7ded3d3b7f3f55cb9ce511871e405e924f112f3c5a7b272ffe4f1c8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
access-control-request-method: *
age: 44252
x-cache: HIT, HIT
content-disposition: inline
content-length: 2183
x-served-by: cache-dca12926-DCA, cache-fra19181-FRA
access-control-allow-origin: *, *
x-browser-version: 89
last-modified: Tue, 08 Jun 2021 20:32:16 UTC
x-timer: S1626903754.312045,VS0,VE1
strict-transport-security: max-age=0
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: public, no-cache, max-age=31190366
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 126 KB
49 KB 49ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R08W416TF3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8QNQ2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dae01dc247a2a57dd65a9d1f4b4ee8a60a57fa709e4c73214d63825d88bd4c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50564
x-xss-protection: 0
expires: Wed, 21 Jul 2021 21:42:34 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 20ms
11ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8QNQ2K

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5716
date: Wed, 21 Jul 2021 20:07:18 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Wed, 21 Jul 2021 22:07:18 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 35ms
9ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8QNQ2K
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Jul 2021 21:42:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=32730
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ Frame D60F 599 KB
113 KB 13ms
9ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/xki0gtnig4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7d551e02c1b2aa885b9a7a5d1ce56556d8d020ab282fb26e59d70975a60f93e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
age: 910
x-cache: HIT, HIT
content-length: 115407
x-served-by: cache-dca17770-DCA, cache-fra19181-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 18:45:59 GMT
x-timer: S1626903754.356364,VS0,VE0
etag: "60f86b67-1c2cf"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 12

GET
H2 200 swatch
fast.wistia.net/embed/medias/xki0gtnig4/ Frame D60F 2 KB
2 KB 15ms
13ms Image
image/jpeg 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/xki0gtnig4/swatch

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/xki0gtnig4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45ccd4e7ded3d3b7f3f55cb9ce511871e405e924f112f3c5a7b272ffe4f1c8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
access-control-request-method: *
age: 44252
x-cache: HIT, HIT
content-disposition: inline
content-length: 2183
x-served-by: cache-dca12926-DCA, cache-fra19181-FRA
access-control-allow-origin: *, *
x-browser-version: 89
last-modified: Tue, 08 Jun 2021 20:32:16 UTC
x-timer: S1626903754.359321,VS0,VE0
strict-transport-security: max-age=0
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: public, no-cache, max-age=31190366
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 33ms
19ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-181271870-1&cid=188878445.1626903754&jid=139925386&gjid=240226224&_gid=525038749.1626903754&_u=YGBAgEADQAAAAE~&z=811180652

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Jul 2021 21:42:34 GMT
content-type: text/plain
access-control-allow-origin: https://castellanbc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 98 KB
39 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-K7TG5XS&t=gtm5&cid=188878445.1626903754

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30dbb7187d9b2a517f4e0f3ccbe4917199621938958dc340fe69455eaf43926b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39563
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jul 2021 21:42:34 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=1579367828&t=pageview&_s=1&dl=https%3A%2F%2Fcastellanbc.com%2F&ul=en-us&de=UTF-8&dt=Business%20Continuity%20Management%20-%20Castellan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEADQ~&jid=139925386&gjid=240226224&cid=188878445.1626903754&tid=UA-181271870-1&_gid=525038749.1626903754&gtm=2wg7j0W8QNQ2K&z=1536158938

Requested by

Host: castellanbc.com
URL: https://castellanbc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 03:43:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64758
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-181271870-1&cid=188878445.1626903754&jid=139925386&_u=YGBAgEADQAAAAE~&z=232809576

Requested by

Host: castellanbc.com
URL: https://castellanbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:42:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-181271870-1&cid=188878445.1626903754&jid=139925386&_u=YGBAgEADQAAAAE~&z=232809576

Requested by

Host: castellanbc.com
URL: https://castellanbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:42:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2586946&time=1626903754516&url=https%3A%2F%2Fcastellanbc.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2586946%26time%3D1626903754516%26url%3Dhttps%253A%252F%252Fcastellanbc.com%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2586946&time=1626903754516&url=https%3A%2F%2Fcastellanbc.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2586946&time=1626903754516&url=https%3A%2F%2Fcastellanbc.com%2F&liSync=true&e_ipv6=AQLITtuiPSxszAAAAXrLBTnsYFykmOZXilbu_UfXG6pIYHg4r4YVHpVOULnm9j...

0
155 B

413ms
166ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2586946&time=1626903754516&url=https%3A%2F%2Fcastellanbc.com%2F&liSync=true&e_ipv6=AQLITtuiPSxszAAAAXrLBTnsYFykmOZXilbu_UfXG6pIYHg4r4YVHpVOULnm9jcJVn0TogC7
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:35 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: ipUvlVjskxbwysy67SoAAA==

Redirect headers

date: Wed, 21 Jul 2021 21:42:35 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2586946&time=1626903754516&url=https%3A%2F%2Fcastellanbc.com%2F&liSync=true&e_ipv6=AQLITtuiPSxszAAAAXrLBTnsYFykmOZXilbu_UfXG6pIYHg4r4YVHpVOULnm9jcJVn0TogC7
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: VMymfVjskxaQ992swyoAAA==

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-R08W416TF3&gtm=2oe7j0&_p=1579367828&sr=1600x1200&ul=en-us&cid=188878445.1626903754&_s=1&dl=https%3A%2F%2Fcastellanbc.com%2F&dt=Business%20Continuity%20Management%20-%20Castellan&sid=1626903754&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R08W416TF3&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:42:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://castellanbc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame 249A 59 KB
13 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bb945b2f959684b8a243c282b0209432e5ebe3310ce8f6b46a9dee6b50b1fe3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
age: 911
x-cache: HIT, HIT
content-length: 12688
x-served-by: cache-dca17734-DCA, cache-fra19181-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 18:45:59 GMT
x-timer: S1626903755.616606,VS0,VE0
etag: "60f86b67-3190"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 8

GET
DATA 200
OK truncated
/ Frame 249A 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Origin: https://fast.wistia.net
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 swatch
fast.wistia.net/embed/medias/xki0gtnig4/ Frame 249A 2 KB
3 KB 7ms
6ms Image
image/jpeg 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/xki0gtnig4/swatch

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45ccd4e7ded3d3b7f3f55cb9ce511871e405e924f112f3c5a7b272ffe4f1c8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
access-control-request-method: *
age: 44252
x-cache: HIT, HIT
content-disposition: inline
content-length: 2183
x-served-by: cache-dca12926-DCA, cache-fra19181-FRA
access-control-allow-origin: *, *
x-browser-version: 89
last-modified: Tue, 08 Jun 2021 20:32:16 UTC
x-timer: S1626903755.701096,VS0,VE0
strict-transport-security: max-age=0
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: public, no-cache, max-age=31190366
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 3

GET
H2 200 648a3d7c0d99b4e069fe0e9bb27cdccd.webp
embed-fastly.wistia.com/deliveries/ Frame 249A 27 KB
27 KB 125ms
39ms Image
image/webp 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-fastly.wistia.com/deliveries/648a3d7c0d99b4e069fe0e9bb27cdccd.webp?image_crop_resized=1920x1080
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ebc210c3eec7ff1a8c50ae161aeb651e9c9795afa35456a770bdefb2dd7e7daa

Request headers

Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
via: 1.1 varnish, 1.1 varnish
age: 571930
edge-cache-tag: 648a3d7c0d99b4e069fe0e9bb27cdccd
access-control-request-method: *
x-cache-hits: 1, 1
x-cache: HIT, HIT
content-length: 27950
x-served-by: cache-dca17778-DCA, cache-cdg20725-CDG
last-modified: Tue, 08 Jun 2021 20:32:16 UTC
x-timer: S1626903755.805523,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline
cache-control: max-age=31536000
accept-ranges: bytes
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache

GET
H2 200 wistia-mux.js Show response
fast.wistia.net/assets/external/ Frame D60F 92 KB
24 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6e1b1e3c604972c779dcc1149be5533d0f9d80c963112e41cdc3d161f7665313

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
age: 910
x-cache: HIT, HIT
content-length: 24741
x-served-by: cache-dca12922-DCA, cache-fra19181-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 18:45:59 GMT
x-timer: S1626903755.729156,VS0,VE0
etag: "60f86b67-60a5"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 8

GET
H2 200 postRoll-v2.js Show response
fast.wistia.net/assets/external/ Frame 249A 57 KB
12 KB 7ms
7ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/postRoll-v2.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

37aaa462a25ed2aa6ec53434469ac9b93446ac5608d7d8842ed874e0080e0d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
age: 911
x-cache: HIT, HIT
content-length: 12528
x-served-by: cache-dca17764-DCA, cache-fra19181-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 18:45:59 GMT
x-timer: S1626903755.746317,VS0,VE0
etag: "60f86b67-30f0"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame D60F 59 KB
13 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bb945b2f959684b8a243c282b0209432e5ebe3310ce8f6b46a9dee6b50b1fe3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
age: 911
x-cache: HIT, HIT
content-length: 12688
x-served-by: cache-dca17734-DCA, cache-fra19181-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 18:45:59 GMT
x-timer: S1626903755.757474,VS0,VE0
etag: "60f86b67-3190"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 9

GET
H2 200 swatch
fast.wistia.net/embed/medias/xki0gtnig4/ Frame D60F 2 KB
3 KB 8ms
7ms Image
image/jpeg 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/xki0gtnig4/swatch

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45ccd4e7ded3d3b7f3f55cb9ce511871e405e924f112f3c5a7b272ffe4f1c8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
access-control-request-method: *
age: 44252
x-cache: HIT, HIT
content-disposition: inline
content-length: 2183
x-served-by: cache-dca12926-DCA, cache-fra19181-FRA
access-control-allow-origin: *, *
x-browser-version: 89
last-modified: Tue, 08 Jun 2021 20:32:16 UTC
x-timer: S1626903755.777604,VS0,VE0
strict-transport-security: max-age=0
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: public, no-cache, max-age=31190366
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 4

GET
H2 200 648a3d7c0d99b4e069fe0e9bb27cdccd.webp
embed-fastly.wistia.com/deliveries/ Frame D60F 7 KB
8 KB 44ms
39ms Image
image/webp 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-fastly.wistia.com/deliveries/648a3d7c0d99b4e069fe0e9bb27cdccd.webp?image_crop_resized=640x360
Requested by: Host: castellanbc.com
URL: https://castellanbc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 603dd772dd38d1decc8131c2226e430ebcff9054f27524648acee0b0f19c8c8f

Request headers

Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
via: 1.1 varnish, 1.1 varnish
age: 1151765
edge-cache-tag: 648a3d7c0d99b4e069fe0e9bb27cdccd
access-control-request-method: *
x-cache-hits: 1, 1
x-cache: HIT, HIT
content-length: 7306
x-served-by: cache-dca17761-DCA, cache-cdg20725-CDG
last-modified: Tue, 08 Jun 2021 20:32:16 UTC
x-timer: S1626903755.805551,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline
cache-control: max-age=31536000
accept-ranges: bytes
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache

GET
H2 200 postRoll-v2.js Show response
fast.wistia.net/assets/external/ Frame D60F 57 KB
12 KB 21ms
19ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/postRoll-v2.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

37aaa462a25ed2aa6ec53434469ac9b93446ac5608d7d8842ed874e0080e0d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
age: 911
x-cache: HIT, HIT
content-length: 12528
x-served-by: cache-dca17764-DCA, cache-fra19181-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 18:45:59 GMT
x-timer: S1626903755.806436,VS0,VE0
etag: "60f86b67-30f0"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 3

GET
H2 200 OverlaysBehavior.js Show response
fast.wistia.net/assets/external/vulcanV2Player/behaviors/ Frame 249A 70 KB
15 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/vulcanV2Player/behaviors/OverlaysBehavior.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cedf0379f2c7495afb13d43ef0a3037e4c8a402c4aee28dcdb5395bbd45bbdbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
age: 911
x-cache: HIT, HIT
content-length: 15276
x-served-by: cache-dca17767-DCA, cache-fra19181-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 18:45:59 GMT
x-timer: S1626903755.870139,VS0,VE0
etag: "60f86b67-3bac"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 OverlaysBehavior.js Show response
fast.wistia.net/assets/external/vulcanV2Player/behaviors/ Frame D60F 70 KB
15 KB 8ms
7ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/vulcanV2Player/behaviors/OverlaysBehavior.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cedf0379f2c7495afb13d43ef0a3037e4c8a402c4aee28dcdb5395bbd45bbdbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
age: 911
x-cache: HIT, HIT
content-length: 15276
x-served-by: cache-dca17767-DCA, cache-fra19181-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 18:45:59 GMT
x-timer: S1626903755.913613,VS0,VE0
etag: "60f86b67-3bac"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 3

GET
H2 200 hls_video.js Show response
fast.wistia.net/assets/external/engines/ Frame 249A 355 KB
83 KB 13ms
6ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d51464a2bd03f2ca4489f53f4ace93784aaf19cb2275a1aaa5d9e49d6b55ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
age: 910
x-cache: HIT, HIT
content-length: 85139
x-served-by: cache-dca17744-DCA, cache-fra19181-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 18:45:59 GMT
x-timer: S1626903755.988423,VS0,VE0
etag: "60f86b67-14c93"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 7

GET
H2 200 hls_video.js Show response
fast.wistia.net/assets/external/engines/ Frame D60F 355 KB
83 KB 13ms
7ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d51464a2bd03f2ca4489f53f4ace93784aaf19cb2275a1aaa5d9e49d6b55ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:34 GMT
content-encoding: br
vary: Accept-Encoding
age: 910
x-cache: HIT, HIT
content-length: 85139
x-served-by: cache-dca17744-DCA, cache-fra19181-FRA
access-control-allow-origin: *
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 18:45:59 GMT
x-timer: S1626903755.988489,VS0,VE0
etag: "60f86b67-14c93"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 8

GET
H2 200 blank.gif
fast.wistia.net/assets/images/ Frame 249A 1 KB
1 KB 8ms
6ms Image
image/gif 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/assets/images/blank.gif

Requested by

Host: castellanbc.com
URL: https://castellanbc.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Origin: https://fast.wistia.net
Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:35 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
age: 911
x-cache: HIT, HIT
x-cache-hits: 1, 9
content-length: 1214
x-served-by: cache-dca17769-DCA, cache-fra19181-FRA
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 21:25:46 GMT
x-timer: S1626903755.056242,VS0,VE0
etag: "60f890da-4be"
strict-transport-security: max-age=0
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 blank.gif
fast.wistia.net/assets/images/ Frame D60F 1 KB
1 KB 6ms
6ms Image
image/gif 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/assets/images/blank.gif

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Origin: https://fast.wistia.net
Referer: https://fast.wistia.net/embed/iframe/xki0gtnig4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:35 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
age: 911
x-cache: HIT, HIT
x-cache-hits: 1, 10
content-length: 1214
x-served-by: cache-dca17769-DCA, cache-fra19181-FRA
x-browser-version: 89
last-modified: Wed, 21 Jul 2021 21:25:46 GMT
x-timer: S1626903755.063765,VS0,VE0
etag: "60f890da-4be"
strict-transport-security: max-age=0
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 x Show response
distillery.wistia.com/ Frame 249A 0
95 B 360ms
122ms XHR
text/plain 54.86.117.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.117.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-117-43.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 21 Jul 2021 21:42:35 GMT
cache-control: max-age=0, private, must-revalidate

POST
H2 204 x Show response
distillery.wistia.com/ Frame D60F 0
96 B 335ms
120ms XHR
text/plain 54.86.117.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.117.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-117-43.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 21 Jul 2021 21:42:35 GMT
cache-control: max-age=0, private, must-revalidate

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame 249A 2 B
136 B 372ms
120ms XHR
text/plain 52.6.75.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.75.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-75-166.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 21 Jul 2021 21:42:35 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame D60F 2 B
135 B 358ms
120ms XHR
text/plain 52.6.75.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.75.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-75-166.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 21 Jul 2021 21:42:35 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 core Show response
js.driftt.com/ Frame 8691 5 KB
2 KB 50ms
49ms Document
text/html 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1626903900000/p8i9ickv3rh6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ae3617b19bca8babbd95f009b8454e5fa0e24bf588af91c915cf03980cee99bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://castellanbc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://castellanbc.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Tue, 20 Jul 2021 20:31:14 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Av4mNFuY83P58KmzkVZ3vB66qdAzfQrc
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Wed, 21 Jul 2021 21:42:35 GMT
cache-control: no-cache
etag: W/"d7d0bc9ab912a299c507586d79e6ef82"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: qvuvUnoTvgwvQbNH_qfOVZ1mLOJz5px9itJ3fDwdXqv8pqN4dOpeTg==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame F01A 5 KB
2 KB 67ms
64ms Document
text/html 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1626903900000/p8i9ickv3rh6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ae3617b19bca8babbd95f009b8454e5fa0e24bf588af91c915cf03980cee99bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://castellanbc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://castellanbc.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Tue, 20 Jul 2021 20:31:14 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Av4mNFuY83P58KmzkVZ3vB66qdAzfQrc
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Wed, 21 Jul 2021 21:42:35 GMT
cache-control: no-cache
etag: W/"d7d0bc9ab912a299c507586d79e6ef82"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: z0-5zXYyPhIzTu-2Sszt_jaF5bTReje6025zZ9O68PZFVdUCTyjb8g==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
791 B 56ms
32ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2224760&ct=standard-page&rcu=https%3A%2F%2Fcastellanbc.com%2F&pu=https%3A%2F%2Fcastellanbc.com%2F&t=Business+Continuity+Management+-+Castellan&cts=1626903755751&vi=c5d9cb9f062b3294f19ea0d535382917&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:35 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 8b6abb99-6c94-413d-b53f-4a5a14681367
cf-ray: 672799999d3d4e26-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PW5bdBdDLX54LBiF7z%2F28Y0UtVKPKmAUzw6oxFm%2BeuyIJ9grzH2RfDmdVyMaQNPdFcuwpcoPTkqG9WknJX7jGATob8mwgSN5GsYxZmKE%2F10Bf%2FbQ%2BBMXobO5szJx%2F9MlH%2BbVNY4JbuvlyImRDiE1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 132 B
947 B 140ms
120ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=2224760

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ac79e8889da963cd9af2f784b2ec35fe3eaf338e97eaa6f16a2ec6d1ab9a15c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b348bcfa-ad5b-468e-86b9-150f6726e734
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
x-trace: 2B840848C2AA3BCBBAD984626E67F757343F09F3EC000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJI%2BSFvmaKytSeqGuUR13vezeAVGV9TKQeYgn0jWnAgxMtvOeuHKuEvhkYpP%2Br9t%2B1iHcyoraHbboN%2BS79k8xv8aXm1nkuN7Yf6mbXjjJiJhHqnx4tR8zXJeRWPh0qtvgRhvtr%2BZMZloMO1z"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://castellanbc.com
access-control-allow-credentials: false
cf-ray: 672799999c124a5c-FRA
access-control-allow-headers: *

GET
H2 200 runtime~main.af35c199.js Show response
js.driftt.com/core/assets/js/ Frame 8691 5 KB
3 KB 28ms
27ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f73ac769bc461e20e8815f4039b0a6af101bb64fa144f16a72c8a7e7a14bf364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 20:27:43 GMT
content-encoding: gzip
age: 90891
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 20 Jul 2021 18:46:38 GMT
server: nginx
etag: W/"e7e296c64991b6013c9160a31b16aa2e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: YYeHU43yYZ4GoMFpBXDkmSCsk0HJTppB
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h-bzUs34_kEsXcISWu4xrgqQf67w-6FRvMMh6Pi9MsSS7yuiB_c-bA==

GET
H2 200 41.5ac1924a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 44 KB
13 KB 31ms
29ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 456242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:29 GMT
server: nginx
etag: W/"27492691be2f532304605f9b1f52707d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fjHErLkQGuw8KCHe6nsXBZY1ZP6a0E9m
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: btvE8D3DB83dUua6ovQzvSW2rcclwYPWtLOQE-2cXuIJZk960kkTiA==

GET
H2 200 16.053b05ea.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 44 KB
13 KB 34ms
32ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.053b05ea.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

fb7b878ca8be327909d9dbbaf8f2920ca3e81cda6c3ecc9dc041b725bb323203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 456242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:28 GMT
server: nginx
etag: W/"add22d65f550ec9b2387cf62556eeb85"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: G7hp.OeARWkkm6DrU2wibDWIlT9ooQA7
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: M5LV8z3mttbcKnc6_FnwGxyOJOAvlaRYW-L5OrQWFXFuvuiME9Ky9w==

GET
H2 200 20.c8bfaace.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 76 KB
23 KB 37ms
34ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.c8bfaace.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a196eb5557b9a8bd1752f3d901342a766f0faac96c67a062c468fc41e89f024c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"05fb3a19322fe33456695700b22ca4e2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XrcMsqvGZTNer7Z.KNWB8MIL9me2aaW4
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4IVnAo662QlKSkaTuFtpSRDVKFbBYCPW8U5QoXwSiUlVu52klrxVog==

GET
H2 200 14.d3d002d2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 16 KB
17 KB 40ms
36ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.d3d002d2.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

203e4390dc46f359cded845d3340733a2bcbb487bf740e00876c28dc72cc1dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 16842
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: "623891dd85333e1266f748ec25173f58"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4CVN_HgdOmbq_dGfaSpUmJSbudwDZyhV
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SdtEDoZZtSvRuSel1MYlT4WGnw5tzwfpVwyuWRmVwsGSKxKY-2FkGw==

GET
H2 200 33.2c426dc0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 15 KB
6 KB 40ms
37ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.2c426dc0.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

108cdfbbaf23107b7237a8db701db0fa3f324a9710533aee39b3196bf039ca9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"69d70b55b949b7cd8bccc9cd1cbc9472"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _1M1o3WCiGZ0qmy1UCRBmPw1fh2L1rrk
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5LtXiyOWhp9IJxJrlURBcx0Iq_8914RrW2miR35X2Q_FE_PpGuYw-w==

GET
H2 200 21.cef624a1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 49 KB
15 KB 53ms
50ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.cef624a1.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

df9eec77780d071a2def5665a05435c4e19664cf3c4ded0f0c3ad44b568c4a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"0b114875bf85f5dd5e70982e9a34db7f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FBGyBlSBcINm9YYkEklzCtlqnGwoP5xl
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rnuSqSj-wG6yp1SlZBmuA5eHsNbhmDxUSl6GF7GOJxmlzzlYfJEDCw==

GET
H2 200 12.744a3ffe.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 44 KB
44 KB 53ms
50ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.744a3ffe.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

548cbb31ad32a5038c9cf9f2440ec5da8f2ad8f8c17ced1c9c85a310ed6d175b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 44752
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: "2bf45f1f1322f108d1ae12847ce1be35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: F9h2FvsHmB4lYvfLUyfzNGYjSOv6XNZT
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FHbqaYcghr5YMIcLeLJnG2oa_B0ZDooUMz6hWvA_WBkOWrx2Gmvy0g==

GET
H2 200 11.1e60125c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 25 KB
7 KB 54ms
51ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.1e60125c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6e318fbd317db76a531e8e0c6e47f3e7c332ead501516090878e3352c591c250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"ecad5ea4d5adea93b258b77317b364f3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4nyc0RtLALHBygnzvqMmY59PpRjihEAU
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9_LvBRTR_GnLGOtzX5TaI4WjmVe6p_Q61NMrnbG--dABYN9qd2YDAA==

GET
H2 200 32.a09dc9c3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 25 KB
9 KB 54ms
51ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.a09dc9c3.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6e0cef5f730514ce810a9071373e2f7d98f5c0577fb6ba720840fb94254ebcbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"11468efba479c18522bb9d2b65da22a4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q9MFp7oNNzkLvvU_J3YW1ywErHeUAICE
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n5T3z1-okoJvKQ19_yf-z9kMHtIRIZx1YdwP90MhftO7y4_XMNcoZw==

GET
H2 200 17.4af8d397.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 125 KB
39 KB 55ms
53ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.4af8d397.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

273d5708bde5ff46c08e2a3befb04ef8b8ed4b718d93d6e560e58577e9a9cf00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"2cd82a6eb20e3bddad173874c9fe7fdf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zADY6K9Aqe2nr8_M3TTPRHQY4TSKPAxh
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r3H3AmbbeYxi2gAT7YdPazkEKjzoJw6SvwbsgIlw_95iNLi_xdbXdw==

GET
H2 200 35.a8afab31.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 52 KB
18 KB 62ms
59ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.a8afab31.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f86e08b2390d477db93fb1f6549ef75530790c121d24a531a6acb0c0b811fceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 11:25:21 GMT
content-encoding: gzip
age: 7813034
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 20 Apr 2021 21:12:39 GMT
server: nginx
etag: W/"e000fed6be2bb9d6650a3d6298820c00"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QuqpYg5lqin20fiKflVNz9mPsd5qwhed
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FvLybBDRLxuLJayJTyhiebonGIxJd-cBQWYY0wuZk75DwNvBfqdFkA==

GET
H2 200 30.5b748463.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 24 KB
10 KB 66ms
64ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.5b748463.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0ba3abc48830ec83531ca340194c6b625ac66f0500565fbf2ac23ba72cd8224e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"480c37b4c7944b05a252c69d3933fba4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: egX4a_fGKXL4O3c8DqHakvl0iABx61BY
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d5uFGLwmxRFbgxP0ZQUI-S5blfiPLK14maPLjlKZ4h57voZlDh_c7w==

GET
H2 200 15.4694d44f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 14 KB
6 KB 67ms
65ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.4694d44f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1fd8116c5077210f907d45572f6d6c26864ebf8f1f2f6fb697d960d77e01e049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"9ea9ef7e788d6bd0b0b5cd39f83ed71d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DItkDO5D10.qCJpq7kGUj2H4ciqXe9xL
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: c2-_3Fy0J_EQ2T8DxGwafVGdbcgqlHj_UI0fYeIEEPviRZ73hloNoA==

GET
H2 200 7.76d57e6f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 60 KB
21 KB 67ms
65ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.76d57e6f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0265a290c1953b81daba9d6ca2f03b2c376ba7e2cea3f03304a119a9be4db13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 08:31:11 GMT
content-encoding: gzip
age: 2034684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Dec 2020 15:51:02 GMT
server: nginx
etag: W/"aa4a9ec028f191c0ca1548643eeda4bf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9fUcrcSskDahH0wsV9ouaXswXvOU09r7
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MxQBIxewoazvhhLTX6O0tZ3zvVoxxUMYmn2xlBVp8sL1zRsjPajSbA==

GET
H2 200 main~493df0b3.945ac7ec.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 75 KB
23 KB 68ms
66ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.945ac7ec.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8e80615421cbd6da5db1c00ef1a784a93cb97de466916c1f8b38f3a5c5813f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 17:29:30 GMT
content-encoding: gzip
age: 533585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 15 Jul 2021 15:57:22 GMT
server: nginx
etag: W/"be2582f09b6e7aa910e85529af087a16"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ko1zgZfELYV1uLZNqMPtNUBg8h0g4I4_
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uIqx8Cp-TYjw-ptXZU4lFyme61jjAhcJKqtaDLhoNquhCHKug4pmnw==

GET
H2 200 main~50ba91a7.60055c5a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 66 KB
17 KB 69ms
68ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~50ba91a7.60055c5a.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a4f3d0629887daa602b75393bacd6b25f72f52178a45d807ac591a3f86afe40d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 17:29:30 GMT
content-encoding: gzip
age: 533585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 15 Jul 2021 15:57:22 GMT
server: nginx
etag: W/"d6f57accf0efbd739df53b0e56ee1538"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: K7bDdMcuPehHyKo.0Fo0qglQMblyx1za
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DP5MvHwg8gWqq5X4dhM22Ppb8hQkrApZ4uKafVxTO3RKGM-8Fw2nfA==

GET
H2 200 main~89e24786.ec771d8e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 68 KB
18 KB 71ms
69ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.ec771d8e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0bde679faadb8406294bf9a5e821a71ee7bc428e5497259fbf7a6b74c6571f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 20:31:13 GMT
content-encoding: gzip
age: 90682
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 20 Jul 2021 18:46:38 GMT
server: nginx
etag: W/"9172dae0878f887f429a3ef7f4a7e59c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpdRE5lDJIE6dAhIq0G2bXM5uDoWw1Lw
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qoM-_kmjqGl27DvFru2unvnpnb0QbRw2XyNtRnL6aBOEHmBEagaj_g==

GET
H2 200 main~53ca99a6.632e1c2f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 37 KB
12 KB 72ms
70ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.632e1c2f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

75ca0a760f4c7f0c139905e116f34f986b6b02272130c0b0b7cbcaa204ee60b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 20:31:13 GMT
content-encoding: gzip
age: 90682
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 20 Jul 2021 18:46:37 GMT
server: nginx
etag: W/"49633a8c372ed469155064c4a7f91834"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zH8t366il0Ic2lP5YqEC8Z1XuEe58Y40
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 74SJT-QuzhH3cck3-wufbo-blCWYeE9LYXq1deiy97SuNESsJ83jDw==

GET
H2 200 main~493df0b3.a17ec6ba.chunk.css
js.driftt.com/core/assets/css/ Frame 8691 10 KB
3 KB 69ms
68ms Stylesheet
text/css 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/main~493df0b3.a17ec6ba.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

08c342aa32e495a8a14ab30d3ae807fa12907cd243111d224d9bb2917b9e9791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 17:22:00 GMT
content-encoding: gzip
age: 793235
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Jul 2021 17:01:38 GMT
server: nginx
etag: W/"29d1e40533b15ec17e2ba1b54ba08ccb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HkTEJJuavn19c1W7LdyOsR3UFaxpmfNh
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uOC7WAjMR6YHnvjERXBaiUkNRiOQy7ia0TnPebk-kh7t15WiC2uLcA==

GET
H2 200 runtime~main.af35c199.js Show response
js.driftt.com/core/assets/js/ Frame F01A 5 KB
3 KB 57ms
57ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f73ac769bc461e20e8815f4039b0a6af101bb64fa144f16a72c8a7e7a14bf364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 20:27:43 GMT
content-encoding: gzip
age: 90891
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 20 Jul 2021 18:46:38 GMT
server: nginx
etag: W/"e7e296c64991b6013c9160a31b16aa2e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: YYeHU43yYZ4GoMFpBXDkmSCsk0HJTppB
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cGGSP-d1LIiH8BQmWgXdNAUVlRlpE0Cg-PVL0-vDJIRpb8I_LRGhqQ==

GET
H2 200 41.5ac1924a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 44 KB
13 KB 58ms
57ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 456242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:29 GMT
server: nginx
etag: W/"27492691be2f532304605f9b1f52707d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fjHErLkQGuw8KCHe6nsXBZY1ZP6a0E9m
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tb0z8KbZEUni7JCOPJamOr9io6okbLQ17XA1HMk9wv6IArWLR6znZA==

GET
H2 200 16.053b05ea.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 44 KB
13 KB 58ms
57ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.053b05ea.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

fb7b878ca8be327909d9dbbaf8f2920ca3e81cda6c3ecc9dc041b725bb323203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 456242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:28 GMT
server: nginx
etag: W/"add22d65f550ec9b2387cf62556eeb85"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: G7hp.OeARWkkm6DrU2wibDWIlT9ooQA7
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yWmew-1WBr0lG4i5DBrnVa-R4EfMeySSYK-cqFpdTGA5W_eNCGl4jg==

GET
H2 200 20.c8bfaace.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 76 KB
23 KB 59ms
57ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.c8bfaace.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a196eb5557b9a8bd1752f3d901342a766f0faac96c67a062c468fc41e89f024c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"05fb3a19322fe33456695700b22ca4e2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XrcMsqvGZTNer7Z.KNWB8MIL9me2aaW4
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jkeuHgfyVDfynsyUQCY9ZFM03o7BkvcF5DDo6ZisgBMeMV2gIDbvQw==

GET
H2 200 14.d3d002d2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 16 KB
17 KB 60ms
57ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.d3d002d2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

203e4390dc46f359cded845d3340733a2bcbb487bf740e00876c28dc72cc1dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 16842
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: "623891dd85333e1266f748ec25173f58"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4CVN_HgdOmbq_dGfaSpUmJSbudwDZyhV
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pJ0iRN8McemV4oYpVvmdf8_aEGv9WwiqDNhhfaYJtDmnMPBdH_bukA==

GET
H2 200 33.2c426dc0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 15 KB
6 KB 60ms
58ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.2c426dc0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

108cdfbbaf23107b7237a8db701db0fa3f324a9710533aee39b3196bf039ca9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"69d70b55b949b7cd8bccc9cd1cbc9472"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _1M1o3WCiGZ0qmy1UCRBmPw1fh2L1rrk
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0DZ6WURQ-Ka0RgpfkCFGu27itklGTrG429fEcNCjXdeUbsrFQ1G1FA==

GET
H2 200 21.cef624a1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 49 KB
15 KB 60ms
58ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.cef624a1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

df9eec77780d071a2def5665a05435c4e19664cf3c4ded0f0c3ad44b568c4a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"0b114875bf85f5dd5e70982e9a34db7f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FBGyBlSBcINm9YYkEklzCtlqnGwoP5xl
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l5NeMoGv8GHlPCr5sZ5_qyVBZ8JHzXf3Px0ZPNx0k8t3nv7C0EVwbg==

GET
H2 200 12.744a3ffe.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 44 KB
44 KB 61ms
59ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.744a3ffe.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

548cbb31ad32a5038c9cf9f2440ec5da8f2ad8f8c17ced1c9c85a310ed6d175b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 44752
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: "2bf45f1f1322f108d1ae12847ce1be35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: F9h2FvsHmB4lYvfLUyfzNGYjSOv6XNZT
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u12BbBSn8vMJ12W162UE-f10A4q-RxQA_Z3vISHrCRmwy8YE0KHThA==

GET
H2 200 11.1e60125c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 25 KB
7 KB 63ms
61ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.1e60125c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6e318fbd317db76a531e8e0c6e47f3e7c332ead501516090878e3352c591c250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"ecad5ea4d5adea93b258b77317b364f3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4nyc0RtLALHBygnzvqMmY59PpRjihEAU
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LjXtNXtJBeI6qrzMJAlcSkiI4SEywt6y7EHbsS7LxRDbWiO3XoHXhg==

GET
H2 200 32.a09dc9c3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 25 KB
9 KB 63ms
61ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.a09dc9c3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6e0cef5f730514ce810a9071373e2f7d98f5c0577fb6ba720840fb94254ebcbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"11468efba479c18522bb9d2b65da22a4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q9MFp7oNNzkLvvU_J3YW1ywErHeUAICE
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aDpmKCmxHTa98qE1xXpEWvehGBsCHX6mvTB3-tc0_FAmIZu6zyaPBA==

GET
H2 200 17.4af8d397.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 125 KB
39 KB 64ms
62ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.4af8d397.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

273d5708bde5ff46c08e2a3befb04ef8b8ed4b718d93d6e560e58577e9a9cf00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"2cd82a6eb20e3bddad173874c9fe7fdf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zADY6K9Aqe2nr8_M3TTPRHQY4TSKPAxh
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5uEHHh03GeyFYv5Wf4-ugclspGKj455Qc1LbL0jNQEUkqyedIEnWLA==

GET
H2 200 35.a8afab31.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 52 KB
18 KB 65ms
63ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.a8afab31.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f86e08b2390d477db93fb1f6549ef75530790c121d24a531a6acb0c0b811fceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 11:25:21 GMT
content-encoding: gzip
age: 7813034
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 20 Apr 2021 21:12:39 GMT
server: nginx
etag: W/"e000fed6be2bb9d6650a3d6298820c00"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QuqpYg5lqin20fiKflVNz9mPsd5qwhed
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EV6citqyL0PUhVH-TyOm87Gc-J6ud50QY21YG6ggBvlyR_fSHWre3w==

GET
H2 200 30.5b748463.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 24 KB
10 KB 66ms
64ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.5b748463.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0ba3abc48830ec83531ca340194c6b625ac66f0500565fbf2ac23ba72cd8224e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"480c37b4c7944b05a252c69d3933fba4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: egX4a_fGKXL4O3c8DqHakvl0iABx61BY
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xFPlnBfBV2rfyGOMTyxEGQfD3FgYMI8yPdLBRHegLv97NKLbQXpAAQ==

GET
H2 200 15.4694d44f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 14 KB
6 KB 66ms
65ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.4694d44f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1fd8116c5077210f907d45572f6d6c26864ebf8f1f2f6fb697d960d77e01e049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"9ea9ef7e788d6bd0b0b5cd39f83ed71d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DItkDO5D10.qCJpq7kGUj2H4ciqXe9xL
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CRkTnkaUTRCLi35tIMGEmisJcneiC425wk8Ajbi-w6AJGuXycFefkQ==

GET
H2 200 7.76d57e6f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 60 KB
21 KB 67ms
65ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.76d57e6f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0265a290c1953b81daba9d6ca2f03b2c376ba7e2cea3f03304a119a9be4db13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 08:31:11 GMT
content-encoding: gzip
age: 2034684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Dec 2020 15:51:02 GMT
server: nginx
etag: W/"aa4a9ec028f191c0ca1548643eeda4bf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9fUcrcSskDahH0wsV9ouaXswXvOU09r7
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Vji_xwUIzpW_GsDx52qyjhjuYL-YlJDcW3Mcjln53aiZofXGcTkBoA==

GET
H2 200 main~493df0b3.945ac7ec.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 75 KB
23 KB 68ms
66ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.945ac7ec.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8e80615421cbd6da5db1c00ef1a784a93cb97de466916c1f8b38f3a5c5813f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 17:29:30 GMT
content-encoding: gzip
age: 533585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 15 Jul 2021 15:57:22 GMT
server: nginx
etag: W/"be2582f09b6e7aa910e85529af087a16"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ko1zgZfELYV1uLZNqMPtNUBg8h0g4I4_
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4dvI_1EcBqAsozgei8AL8rjRQtNd39i_8ss27NXxuEggww0e-yu9dg==

GET
H2 200 main~50ba91a7.60055c5a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 66 KB
17 KB 70ms
69ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~50ba91a7.60055c5a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a4f3d0629887daa602b75393bacd6b25f72f52178a45d807ac591a3f86afe40d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 17:29:30 GMT
content-encoding: gzip
age: 533585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 15 Jul 2021 15:57:22 GMT
server: nginx
etag: W/"d6f57accf0efbd739df53b0e56ee1538"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: K7bDdMcuPehHyKo.0Fo0qglQMblyx1za
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G2ya2H8wiilUW6Kxiw8_e-kkv5vxYGAsm4XIadjQlGHqhA3MsHl6tQ==

GET
H2 200 main~89e24786.ec771d8e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 68 KB
18 KB 70ms
69ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.ec771d8e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0bde679faadb8406294bf9a5e821a71ee7bc428e5497259fbf7a6b74c6571f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 20:31:13 GMT
content-encoding: gzip
age: 90682
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 20 Jul 2021 18:46:38 GMT
server: nginx
etag: W/"9172dae0878f887f429a3ef7f4a7e59c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpdRE5lDJIE6dAhIq0G2bXM5uDoWw1Lw
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kt5tcy3MV8IPCFnCFMNK2IOeLJ5fcnV4cpa6qfoFC_F1w1Pq4MV6kQ==

GET
H2 200 main~53ca99a6.632e1c2f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 37 KB
12 KB 71ms
70ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.632e1c2f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

75ca0a760f4c7f0c139905e116f34f986b6b02272130c0b0b7cbcaa204ee60b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 20:31:13 GMT
content-encoding: gzip
age: 90682
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 20 Jul 2021 18:46:37 GMT
server: nginx
etag: W/"49633a8c372ed469155064c4a7f91834"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zH8t366il0Ic2lP5YqEC8Z1XuEe58Y40
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JkHUu8LNAT0YQ95fgJY4IskBL_p49OCa0l2_XQh2DDtH1jZtDFD9nw==

GET
H2 200 main~493df0b3.a17ec6ba.chunk.css
js.driftt.com/core/assets/css/ Frame F01A 10 KB
3 KB 70ms
70ms Stylesheet
text/css 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/main~493df0b3.a17ec6ba.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

08c342aa32e495a8a14ab30d3ae807fa12907cd243111d224d9bb2917b9e9791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 17:22:00 GMT
content-encoding: gzip
age: 793235
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Jul 2021 17:01:38 GMT
server: nginx
etag: W/"29d1e40533b15ec17e2ba1b54ba08ccb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HkTEJJuavn19c1W7LdyOsR3UFaxpmfNh
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vKMXBADOkubmpVJ5ik7YIuT_6Q2OwV5ZdJxBeVSYmko_h3C4I7TjDQ==

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 3 KB
2 KB 190ms
163ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2224760&utk=c5d9cb9f062b3294f19ea0d535382917&__hstc=124575829.c5d9cb9f062b3294f19ea0d535382917.1626903755748.1626903755748.1626903755748.1&__hssc=124575829.1.1626903755749&currentUrl=https%3A%2F%2Fcastellanbc.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

700518d2a358476701cd12886720badd61247093b5db8e8fa05d3f001fb98f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 0248fae0-25e9-4406-befd-487d40d96d4f
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BcEvGxhcc3jWWLtZengj6MxEkofBtpM1vlZYD49x0Ai3TUAfQjoC71MUuBf5%2BsQ3UXM0xoKnv%2B0pipObxpEToHSCFP%2BRDrZVNdYVWMUS3ffIpdn97%2FazmiQw%2BmHk7qpnicZw3xqf%2BGokUsErF6Y"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://castellanbc.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6727999a1a704a97-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

POST
H/1.1 200
OK / Show response
sentry.io/api/1485028/envelope/ Frame 8691 2 B
403 B 530ms
131ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 21 Jul 2021 21:42:36 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://js.driftt.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 26.99c92d86.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 22 KB
7 KB 35ms
34ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.99c92d86.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

47063f41c3b5adc05187ae338b281af3da4221f206c52a9e20bb1825092a9e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 1225469
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"68dd2d5bbc3d1f109781a2b2021aacb3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9Zo3GBosIu3ow1incjCLN3q.ALDypy7R
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bKbIgJlrBCOu2HwIASb88-qB57dEytzkm9aBkYIijFt9gOQgyQsOhA==

GET
H2 200 28.c8071680.chunk.css
js.driftt.com/core/assets/css/ Frame 8691 1 KB
1 KB 34ms
33ms Stylesheet
text/css 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.c8071680.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e8d08bae70ed238be5dd51ddabcaeda3cdb6b6675028f812a9c989cbdd2422f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 1225469
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"8d9d05ce6555c8a82ab4b586aecc7a4f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OwfnuSWa.W0YMJmeYUluWIVAPiXJKKhs
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6XlcvU7oMm58mrFhpClscCAORWufjflAnaU6jjddNzO-42se-6FX8w==

GET
H2 200 28.f83d3475.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 5 KB
2 KB 35ms
34ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.f83d3475.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6531d4fd95842f4c5c4671379df4c385e7de3a7043ad7fd9300ae82fc0d399d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"31622ec5109fa0c061e9e9ded0c3352a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0Llccd9sprqz.hEDfkRly_3vegIDZXCL
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nNIJodPHxh3EhhkUk7nPtauObAcjN0TZ5n4mpfENj4vCANifaLeCRA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 27ms
25ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-758838562

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9a2c91cb431087d329fa472b2af819011b804b2e47ca076134bac87296d2691

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38007
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jul 2021 21:42:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-758838562&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8QNQ2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d64c41fed3880f6fd15ad7b41533ca1175ed775bd8bee072bb86dc075e5b3f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38032
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jul 2021 21:42:36 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Jul 2021 21:42:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=32729
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

POST
H/1.1 200
OK / Show response
sentry.io/api/1485028/envelope/ Frame F01A 2 B
403 B 525ms
131ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 21 Jul 2021 21:42:36 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://js.driftt.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 26.99c92d86.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 22 KB
7 KB 29ms
28ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.99c92d86.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

47063f41c3b5adc05187ae338b281af3da4221f206c52a9e20bb1825092a9e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 1225470
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"68dd2d5bbc3d1f109781a2b2021aacb3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9Zo3GBosIu3ow1incjCLN3q.ALDypy7R
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: J095fKKkHOtthK4g793ru6MCyJbXa_ek09GmfPE0w0uwxKFQClMt1g==

GET
H2 200 28.c8071680.chunk.css
js.driftt.com/core/assets/css/ Frame F01A 1 KB
1 KB 28ms
27ms Stylesheet
text/css 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.c8071680.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e8d08bae70ed238be5dd51ddabcaeda3cdb6b6675028f812a9c989cbdd2422f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 1225470
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"8d9d05ce6555c8a82ab4b586aecc7a4f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OwfnuSWa.W0YMJmeYUluWIVAPiXJKKhs
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wpdw_77HZgxF1oQPzv9YxvIaaAKcxFBDhR5_h2Ucty0mvKBYwsZTTg==

GET
H2 200 28.f83d3475.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 5 KB
2 KB 29ms
28ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.f83d3475.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6531d4fd95842f4c5c4671379df4c385e7de3a7043ad7fd9300ae82fc0d399d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216676
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"31622ec5109fa0c061e9e9ded0c3352a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0Llccd9sprqz.hEDfkRly_3vegIDZXCL
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dkRIf4w5TZa451QYvOJfgekCLmn3adRCQ-MG-gwWgMzcnrGXKIK_lw==

GET
H3-29 200 __ptq.gif
track.hubspot.com/ 45 B
763 B 41ms
29ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=f226d9bb-ffdc-47bf-866e-cb8fcc74971b&lfi=2072838&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2224760&ct=standard-page&rcu=https%3A%2F%2Fcastellanbc.com%2F&pu=https%3A%2F%2Fcastellanbc.com%2F&t=Business+Continuity+Management+-+Castellan&cts=1626903756049&vi=c5d9cb9f062b3294f19ea0d535382917&nc=true&u=124575829.c5d9cb9f062b3294f19ea0d535382917.1626903755748.1626903755748.1626903755748.1&b=124575829.1.1626903755749&pt=0&cc=15

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:36 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 4db950be-6095-4dde-ae54-adb9d3751725
cf-ray: 6727999b6e534e20-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFDzQadUvHF%2B0BAcR%2BKEkX4cgOy%2FoYlaVnuNCmq6iHU%2Fn6Fjw4woDQ%2BnM45KhBtIhMMOiljbgmcQ5jCGYBcSpOWUb3pkmAfnNCBhl914HEboangu8Jk9VBRE9kVVj%2FOhITbmovn7RJAXPnJqYNr6"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 22.0fe27b6c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 42 KB
12 KB 40ms
32ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.0fe27b6c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

865bd4ece0b197f219858f3e24543e38b78e56705b0c5bccd85d419cebc34ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216676
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"16f43d4a1f08d1a487db21656c599aae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oe044AXHveLEL0iyz_cDL4QpsHnhigfv
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QqA1HxOEFnuehSY2bstQhVB6j8O_USjzydI0jBp8Xuq7VyzNrl7f4w==

GET
H2 200 18.44736ae1.chunk.css
js.driftt.com/core/assets/css/ Frame 8691 8 KB
2 KB 34ms
32ms Stylesheet
text/css 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/18.44736ae1.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8c58a438125e389f81b62999773d8d6cb9e25828bb6049248faa04c12d2bc8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216676
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"8b77004f90a97a8796e83c50f9e084d8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: x5dOG.3yJKUjrVUkQNFI.TikwE6Otqdt
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G0lDwjDeykFc6SqYkOToq3SuRWpvGBC9oXH0qlxkpAR2QoxFx9CWew==

GET
H2 200 18.019609f1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 65 KB
19 KB 34ms
33ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.019609f1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

eb0f9bf45743e59f66ee7098fdc79b4ceb6685e63b35a6e146b3483ca36fdc3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 17:29:30 GMT
content-encoding: gzip
age: 533586
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 15 Jul 2021 15:57:21 GMT
server: nginx
etag: W/"c452a7b6fc7b3f51704ba5e2bb1bd9df"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sVAXVlTRPnYaInwjTChzYn5PeqbAE8LT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rh5Bn9k21lUmkpsIRTKBfvRNvpH2ySSFEnieUVmLNf2DoKNu-GzTqw==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 136ms
37ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-758838562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13910
x-xss-protection: 0
server: cafe
etag: 8154934153164151798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Jul 2021 21:42:36 GMT

GET
H2 200 29.35fcf3a3.chunk.css
js.driftt.com/core/assets/css/ Frame F01A 6 KB
1 KB 30ms
30ms Stylesheet
text/css 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.35fcf3a3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216676
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Vv9Z.AFLkHfCx19G.PJtFEYakZc4c3sf
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: __r8rOlMTcNuAU9-WCyyku9r69EGsJuYQ-WmRg92QU8VgawPg4fw5Q==

GET
H2 200 29.9b16991a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 2 KB
2 KB 31ms
31ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.9b16991a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

c4f74b02ce64c1bc1166ff6be0b2c0e05e243a93932f34dced5e4d0b45603fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216676
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"6b76f18bc4b40ce872a15191ddb2ca65"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pUOVA9iV.dDilNdMlhO7iOxxJwe.gxgd
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D_HrAkgiRZKI7eYK4vFRIgmrUzcfKQtCBiZFRHks2leLEK7CaGcHYw==

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame F01A 7 KB
2 KB 30ms
27ms Stylesheet
text/css 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hdWMgNKvLwZcep5QH7m9bqoRE1.SuP2b
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: twwqm0eF6b4xUNGA7mH75fOQTkC6h_HYfaf_7yQqHs3VWKwEMOGFHA==

GET
H2 200 1.1dd18d2f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 76 KB
23 KB 32ms
30ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.1dd18d2f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b358b127d95abf969d41c6d9a9e24d713b169574c4b0853cd7075a98b84f3a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:07 GMT
server: nginx
etag: W/"a4a439b10d3ce63496e066f88921993e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oYIrLBgaYmBaM_5vGMtDckG4hutYLM4r
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7wzEJhVLwA5BGHaT1-y1SOgy5MzvY-ctlTRvXnv1xSo9YZ9ng8YM1Q==

GET
H2 200 0.061f3bcd.chunk.css
js.driftt.com/core/assets/css/ Frame F01A 39 KB
7 KB 30ms
28ms Stylesheet
text/css 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.061f3bcd.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

c94531eed7b28e06a929e1a001be4c117d296a8159c395aae04e5986c2e0dca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 1216675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"8270a19b1866f9a99b674fe2dadeced0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zxSLZd3Brbt8Il6bhjFDwt2Bq0yNmNhu
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: R9GabwIE9TVULX2yd4bH_PfeoR86sh6UuzCOITM4EihdMZf2Op6ytg==

GET
H2 200 0.4b8a868c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 59 KB
20 KB 33ms
32ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.4b8a868c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

13f476ef8748277e95117300fa3735f97e8de21ab3be9d83c95a3990cb541ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 20:50:26 GMT
content-encoding: gzip
age: 521530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 15 Jul 2021 19:31:10 GMT
server: nginx
etag: W/"63ac69317cc108c4b41151b583ea8a20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: yPAfxuOjY5Ceb_vmdCx6_YBE7IncG5yx
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jhpRZAhYiQQzOuIGx1i4NaWPAd9UQRzb345z97xIJpWelHDGOX0Fug==

GET
H2 200 25.55f88a7d.chunk.css
js.driftt.com/core/assets/css/ Frame F01A 11 KB
2 KB 31ms
29ms Stylesheet
text/css 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.55f88a7d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

fde247cb6279540b89d49510e8a03ab31a90b69d3da48d21268104cceead3848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 1225469
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"a1edc67f80fa4d2930e0e949b8c47368"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PBLtoaNf6c055OEpbrvVBHkZeIp.wBXB
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qoeg6O5goR4LRKmpIbRjtKBM5VbTzBgwH_h7q8nqpNnukS0S-kCo1w==

GET
H2 200 25.788dec0b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 11 KB
5 KB 34ms
33ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.788dec0b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

3f44130c8dc8f1063465c3cc9caa864e46595f9cc8bb670672fc69f5dd95ad24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 17:29:30 GMT
content-encoding: gzip
age: 533586
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 15 Jul 2021 15:57:21 GMT
server: nginx
etag: W/"e5ca10bad74ba608e1262650146a6126"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3YmUy.D5zCZEEZbheVUrw51ikJlmpp9h
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HholRpYkKBtozrxV7kR4WIcRIpqyskt7RtGmRSSTOgxnpH3pbKZ53w==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 8691 25 B
123 B 137ms
136ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jul 2021 21:42:36 GMT
server: istio-envoy
requestid: b7ccf7bc111fb72d
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 364ms
120ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 21 Jul 2021 21:42:36 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drifte5c2d2f4e08b1c1b35d350d1ed8
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 8691 103 B
200 B 121ms
121ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

927d7a06c3a685c18302027186c79ef32f52e2820597ccb7b8182f924cb0a3ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jul 2021 21:42:36 GMT
server: istio-envoy
requestid: 14271949eda2ed79
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 103
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 369ms
122ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 21 Jul 2021 21:42:36 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift81cffde407581004eb5e3a99aaa
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H3-29 200 css
fonts.googleapis.com/ Frame 8691 4 KB
643 B 31ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/main~53ca99a6.632e1c2f.chunk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 19:52:40 GMT
server: ESF
date: Wed, 21 Jul 2021 21:42:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jul 2021 21:42:36 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/758838562/ 2 KB
2 KB 47ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/758838562/?random=1626903756282&cv=9&fst=1626903756282&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcastellanbc.com%2F&tiba=Business%20Continuity%20Management%20-%20Castellan&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae0e34ddfa3b4101e959cf733299371cc2419b9d7315a1cd684bd3655218874f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1037
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/758838562/ 42 B
154 B 19ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/758838562/?random=1626903756282&cv=9&fst=1626901200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcastellanbc.com%2F&tiba=Business%20Continuity%20Management%20-%20Castellan&async=1&fmt=3&is_vtc=1&random=3462340093&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:42:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/758838562/ 42 B
154 B 17ms
17ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/758838562/?random=1626903756282&cv=9&fst=1626901200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcastellanbc.com%2F&tiba=Business%20Continuity%20Management%20-%20Castellan&async=1&fmt=3&is_vtc=1&random=3462340093&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:42:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p8i9ickv3rh6.json Show response
embeds.driftcdn.com/embeds/ Frame 8691 22 KB
7 KB 517ms
452ms XHR
application/json 13.226.145.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/p8i9ickv3rh6.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-38.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03798fb0d4b505d61ede6821324a9387d7e21206434c138a0f414b35447699af

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:38 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 21 Jul 2021 17:58:28 GMT
server: AmazonS3
etag: W/"5f666311ca6e07ddbcd554c4d374ac76"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: Ivo4_Fp8eWnVhbMXFVsPxE4n0qIcr2sYcc6jq6pZe7Rukz4N3s2rlA==

POST
H2 200 utk Show response
customer.api.drift.com/integrations/hubspot/ Frame 8691 2 B
65 B 317ms
316ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/integrations/hubspot/utk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jul 2021 21:42:37 GMT
server: istio-envoy
requestid: d2ed92a7074b480f
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 193
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 utk
customer.api.drift.com/integrations/hubspot/ Frame 0
0 155ms
120ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/integrations/hubspot/utk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 21 Jul 2021 21:42:37 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftc715d684faba6cc24194252f2d4
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 8691 4 KB
2 KB 457ms
456ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

a8e876745b33de44a899bfdbc9955324dbf4c439a28eb2e4db8f57aa56e23b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 21 Jul 2021 21:42:38 GMT
content-encoding: gzip
server: istio-envoy
requestid: 1d6e7bfb06271fe7
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 336
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1950
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 8691 25 B
88 B 141ms
141ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jul 2021 21:42:38 GMT
server: istio-envoy
requestid: 8f5861808285c69c
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 121ms
120ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 21 Jul 2021 21:42:38 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift01583ab4fb7af5b995c8e1da17b
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

OPTIONS
H2 200 p8i9ickv3rh6
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 124ms
120ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/p8i9ickv3rh6

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 21 Jul 2021 21:42:38 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: HEAD,GET,OPTIONS
requestid: drift948c3794475990b309398488977
content-length: 18
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 p8i9ickv3rh6 Show response
targeting.api.drift.com/hours/availability/combined/ Frame 8691 41 B
105 B 739ms
738ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/p8i9ickv3rh6

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

a9885038c50d2ae4af29f5089c02051b3c87caccc4d8e42b4fe56208c16478ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4NzYxNDIzMDczMTI0MzUyIiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTQ5NzUxMiIsImV4cCI6MTY1ODQzOTc1OCwiaWF0IjoxNjI2OTAzNzU4fQ.NgGFdSIwxFouuv-7_2NC7FO0DjR-31OFp7C7rBJiIpKj_LYHYdBH_RHj1t10xlxs21o18yc3N7ZFrmlNjwI8lw

Response headers

date: Wed, 21 Jul 2021 21:42:38 GMT
server: istio-envoy
requestid: 348f0d241738878b
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 618
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 41
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 355ms
115ms Preflight
text/plain 34.234.150.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

34.234.150.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-150-139.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 21 Jul 2021 21:42:38 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drift4c5351e46219acc7e46b6ce0601

POST
H2 200 track Show response
event.api.drift.com/ Frame 8691 572 B
999 B 116ms
116ms XHR
application/json 34.234.150.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.150.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-150-139.compute-1.amazonaws.com

Software

Resource Hash

6620ed85d7329381553f8d9fd1dcf6afb9fec084bdf7657208db3eaf41ac58c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4NzYxNDIzMDczMTI0MzUyIiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTQ5NzUxMiIsImV4cCI6MTY1ODQzOTc1OCwiaWF0IjoxNjI2OTAzNzU4fQ.NgGFdSIwxFouuv-7_2NC7FO0DjR-31OFp7C7rBJiIpKj_LYHYdBH_RHj1t10xlxs21o18yc3N7ZFrmlNjwI8lw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jul 2021 21:42:38 GMT
requestid: 77b7520de53f89e2
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 572

GET
H2 200 46.67acb4b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8691 17 KB
6 KB 28ms
27ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.67acb4b4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=p8i9ickv3rh6&region=US&forceShow=false&skipCampaigns=false&sessionId=acb821cd-1424-45e9-9565-182cfceff03c&sessionStarted=1626903755.729&campaignRefreshToken=0fa25e1d-1f14-49e1-97a4-a1671b86de80&hideController=false&pageLoadStartTime=1626903753255&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:07 GMT
content-encoding: gzip
age: 1225471
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"a31f16ddeb870cf86efd9070460b1ca5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HRF16KWFqyFRUpbi5VZWxhcRiBUrjrTa
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mktsEurdA06HK3CbUmCvYuqVu0uItlT2ChmP9NR3Cv-H3R15HlRNFQ==

GET
H2 200 46.67acb4b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 17 KB
6 KB 30ms
29ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.67acb4b4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:07 GMT
content-encoding: gzip
age: 1225471
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"a31f16ddeb870cf86efd9070460b1ca5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HRF16KWFqyFRUpbi5VZWxhcRiBUrjrTa
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wYDOkA_ImjkW8-vfgaaQ5-5EXVVAiG7kWKjFHaNMhXh5HAU8gbHYQA==

GET
H3-29 200 css
fonts.googleapis.com/ Frame F01A 4 KB
643 B 62ms
62ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/main~53ca99a6.632e1c2f.chunk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 21:42:38 GMT
server: ESF
date: Wed, 21 Jul 2021 21:42:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jul 2021 21:42:38 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame F01A 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 184588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 18:26:10 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame F01A 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:25:07 GMT
x-content-type-options: nosniff
age: 159451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:25:07 GMT

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame 8691 1 KB
653 B 121ms
121ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

82676e92f611c5ce8cea71ff26615b9945733b5c275593911ac1f0d0bfe8fae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4NzYxNDIzMDczMTI0MzUyIiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTQ5NzUxMiIsImV4cCI6MTY1ODQzOTc1OCwiaWF0IjoxNjI2OTAzNzU4fQ.NgGFdSIwxFouuv-7_2NC7FO0DjR-31OFp7C7rBJiIpKj_LYHYdBH_RHj1t10xlxs21o18yc3N7ZFrmlNjwI8lw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jul 2021 21:42:39 GMT
content-encoding: gzip
server: istio-envoy
requestid: 4c006aed4b75e392
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 588
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 121ms
120ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 21 Jul 2021 21:42:39 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift8db807e44cb9006eedad41ff4a0
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

OPTIONS
H2 200 render_initial
flow.api.drift.com/flows/ Frame 0
0 129ms
121ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 21 Jul 2021 21:42:39 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftbdeb0a243b39cc72957141d00ba
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 render_initial Show response
flow.api.drift.com/flows/ Frame 8691 4 KB
2 KB 299ms
299ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

a815fa97576e085b2346d2dd1d6c13912db81fa92c6c38b42919095aeb12eaab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4NzYxNDIzMDczMTI0MzUyIiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTQ5NzUxMiIsImV4cCI6MTY1ODQzOTc1OCwiaWF0IjoxNjI2OTAzNzU4fQ.NgGFdSIwxFouuv-7_2NC7FO0DjR-31OFp7C7rBJiIpKj_LYHYdBH_RHj1t10xlxs21o18yc3N7ZFrmlNjwI8lw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jul 2021 21:42:39 GMT
content-encoding: gzip
server: istio-envoy
requestid: c2751c6806fdc54b
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 179
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2101
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame 8691 0
37 B 130ms
129ms XHR
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4NzYxNDIzMDczMTI0MzUyIiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTQ5NzUxMiIsImV4cCI6MTY1ODQzOTc1OCwiaWF0IjoxNjI2OTAzNzU4fQ.NgGFdSIwxFouuv-7_2NC7FO0DjR-31OFp7C7rBJiIpKj_LYHYdBH_RHj1t10xlxs21o18yc3N7ZFrmlNjwI8lw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jul 2021 21:42:40 GMT
server: istio-envoy
requestid: 2e1413ad9c7ea36d
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 120ms
120ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 21 Jul 2021 21:42:40 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift2f3e8d643f3a9443a7f5d6f8b2b
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2212278%252F7d757225d4307cb589826b6cc06f0722x6iw74nvadgs%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w...
driftt.imgix.net/ Frame 8691 3 KB
1 KB 28ms
11ms Image
image/svg+xml 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2212278%252F7d757225d4307cb589826b6cc06f0722x6iw74nvadgs%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D283a95779a5db2881dc7a1e08f2ff148?fit=max&fm=png&h=200&w=200&s=cdbf3ea90ab43b100d6b37d7cf082fe0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

7920e4a8708dcd13aea1848e19cd696d17552d84d933d1c86e2692c9cd7946c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
age: 1843171
x-cache: MISS, HIT, HIT
x-imgix-id: 0ff88bbe36034272bf697ee3161b78f5e9f4ec35
content-length: 1062
x-served-by: cache-sjc10024-SJC, cache-sjc10026-SJC, cache-fra19181-FRA
last-modified: Fri, 05 Feb 2021 16:49:48 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 8691 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 184590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 18:26:10 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-181271870-1&cid=188878445.1626903754&jid=1393109916&gjid=1343661445&_gid=525038749.1626903754&_u=aHDAgEADQAAAAE~&z=1171090829

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Jul 2021 21:42:40 GMT
content-type: text/plain
access-control-allow-origin: https://castellanbc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
5ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=1579367828&t=event&ni=1&_s=2&dl=https%3A%2F%2Fcastellanbc.com%2F&ul=en-us&de=UTF-8&dt=Business%20Continuity%20Management%20-%20Castellan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%202266577&_u=aHDAgEADQAAAAE~&jid=1393109916&gjid=1343661445&cid=188878445.1626903754&tid=UA-181271870-1&_gid=525038749.1626903754&gtm=2wg7j0W8QNQ2K&z=2032817649

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 12:07:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34487
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 33ms
16ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-181271870-1&cid=188878445.1626903754&jid=1393109916&_u=aHDAgEADQAAAAE~&z=425102617

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:42:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 33ms
17ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-181271870-1&cid=188878445.1626903754&jid=1393109916&_u=aHDAgEADQAAAAE~&z=425102617

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:42:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
fg8vvsvnieiv3ej16jby.litix.io/ Frame D60F 0
172 B 117ms
117ms XHR
text/plain 3.221.103.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/wistia-mux.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.103.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-103-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jul 2021 21:42:40 GMT
Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Methods: POST, GET

OPTIONS
H/1.1 200
OK /
fg8vvsvnieiv3ej16jby.litix.io/ Frame 0
0 471ms
117ms Preflight 3.221.103.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Protocol: HTTP/1.1
Server: 3.221.103.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-103-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://fast.wistia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Date: Wed, 21 Jul 2021 21:42:40 GMT
Content-Length: 0
Connection: keep-alive

GET
H2 200 36.e483d03f.chunk.css
js.driftt.com/core/assets/css/ Frame F01A 900 B
2 KB 28ms
27ms Stylesheet
text/css 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/36.e483d03f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:08 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
age: 1225472
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 900
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: "0bd11a8facc0a9d41713c64ed1ba1289"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cz29m.Fts8YXx_IUUNjCl_E4K8cC3nMy
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: omEyigpF2D8ZH7es9qk8Ep5exBrhohbm94AnWBcTUVUIej5Ybzf70w==

GET
H2 200 36.87960841.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F01A 303 B
965 B 28ms
28ms Script
application/javascript 143.204.205.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.87960841.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.af35c199.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-19.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

edf5d541caca5cdba1417802ad63b784c665a0a9a4186f1a1ac4e43e1a24439f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626903753255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:08 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
age: 1225472
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 303
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: "835857a703b37f049afbdaf680afb896"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 49eP141GUq4d.EICEk00vDg17u.v93HG
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VS30Cq4pOXbVeeqAFll6BngzvPRn4xpuqegEMArp1BtQ7UaocV2Fwg==

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-R08W416TF3&gtm=2oe7j0&_p=1579367828&sr=1600x1200&ul=en-us&cid=188878445.1626903754&_s=2&dl=https%3A%2F%2Fcastellanbc.com%2F&dt=Business%20Continuity%20Management%20-%20Castellan&sid=1626903754&sct=1&seg=0&en=scroll&_et=1225&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R08W416TF3&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:42:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://castellanbc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame 8691 25 B
85 B 120ms
120ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4NzYxNDIzMDczMTI0MzUyIiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTQ5NzUxMiIsImV4cCI6MTY1ODQzOTc1OCwiaWF0IjoxNjI2OTAzNzU4fQ.NgGFdSIwxFouuv-7_2NC7FO0DjR-31OFp7C7rBJiIpKj_LYHYdBH_RHj1t10xlxs21o18yc3N7ZFrmlNjwI8lw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jul 2021 21:42:41 GMT
server: istio-envoy
requestid: 1ed6766c6c64c1ab
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 119ms
119ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 21 Jul 2021 21:42:41 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftf4827fa47079525733e1f95dc30
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
380 B 25ms
25ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=f226d9bb-ffdc-47bf-866e-cb8fcc74971b&lfi=2072838&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2224760&ct=standard-page&rcu=https%3A%2F%2Fcastellanbc.com%2F&pu=https%3A%2F%2Fcastellanbc.com%2F&t=(1)+New+Message!&cts=1626903766064&vi=c5d9cb9f062b3294f19ea0d535382917&nc=true&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://castellanbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 21:42:46 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ffd7d07f-0646-4739-a593-cccc22e53ec8
cf-ray: 672799d9ea944e26-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1KkxPBoNA6PkotAuW7hXxkoUNXxdPzp%2BUYGlTQmJ6ODEGpiBf%2BMaanuncD5nZ6bDFw6F69JNBgTwHj2TN%2BWVxfydyYnumoYT70ktAZnhKFTUPi7fK5B1UBWvntQ3iPznbWtz2XN900SQcthy1Zh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.castellanbc.com/	1970-01-20 13:26:15	Name: _ga_R08W416TF3 Value: GS1.1.1626903754.1.0.1626903755.0
.castellanbc.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.castellanbc.com/	1970-01-19 19:55:05	Name: __hssc Value: 124575829.1.1626903755749
.castellanbc.com/	1970-01-20 05:16:39	Name: hubspotutk Value: c5d9cb9f062b3294f19ea0d535382917
.castellanbc.com/	1970-01-20 05:16:39	Name: __hstc Value: 124575829.c5d9cb9f062b3294f19ea0d535382917.1626903755748.1626903755748.1626903755748.1
castellanbc.com/	1970-01-19 19:55:05	Name: drift_campaign_refresh Value: 0fa25e1d-1f14-49e1-97a4-a1671b86de80

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://js.driftt.com/core/assets/js/16.053b05ea.chunk.js(Line 1) Message: DRIFT_WIDGET:: widget_core:bootstrap_api finished in 466.9000015258789 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.hubapi.com
bootstrap.api.drift.com
castellanbc.com
cdn.jsdelivr.net
customer.api.drift.com
distillery.wistia.com
driftt.imgix.net
embed-fastly.wistia.com
embeds.driftcdn.com
event.api.drift.com
fast.wistia.net
fg8vvsvnieiv3ej16jby.litix.io
flow.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
metrics.api.drift.com
pipedream.wistia.com
px.ads.linkedin.com
px4.ads.linkedin.com
sentry.io
snap.licdn.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
targeting.api.drift.com
track.hubspot.com
use.typekit.net
ws.zoominfo.com
www.assurancesoftware.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
108.174.10.14
13.226.145.38
142.250.186.130
143.204.205.19
151.101.66.133
2606:2c40::c73c:67e1
2606:4700::6810:a852
2606:4700::6811:44b0
2606:4700::6811:72b0
2606:4700::6811:c9cc
2606:4700::6811:d5cc
2606:4700::6811:eacc
2606:4700::6812:15bf
2606:4700::6812:acf
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9c
2a02:26f0:6c00:2b0::25ea
2a02:26f0:6c00::210:ba0a
2a04:4e42:3::485
2a04:4e42:3::622
2a04:4e42:3::720
3.221.103.232
34.234.150.139
35.188.42.15
35.225.35.51
50.16.7.188
52.6.75.166
54.86.117.43
0265a290c1953b81daba9d6ca2f03b2c376ba7e2cea3f03304a119a9be4db13c
03798fb0d4b505d61ede6821324a9387d7e21206434c138a0f414b35447699af
07c2f2313bf7914e20e2b5efaf27e4843a872a1b2cd81ffc067231be215f32e5
08c342aa32e495a8a14ab30d3ae807fa12907cd243111d224d9bb2917b9e9791
0ba3abc48830ec83531ca340194c6b625ac66f0500565fbf2ac23ba72cd8224e
0bde679faadb8406294bf9a5e821a71ee7bc428e5497259fbf7a6b74c6571f9e
108cdfbbaf23107b7237a8db701db0fa3f324a9710533aee39b3196bf039ca9c
12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981
130d181d036804847e37ccd2d1e5b5c7a00d825289231a5eb8e88b3678bec328
13f476ef8748277e95117300fa3735f97e8de21ab3be9d83c95a3990cb541ee5
17c7e09d9fe7d9c61cc885e9d053de58fafb62a5140b04984c71bbe159301338
1b847f4bf1caae6158442264fd20a70d33a367422f383f8d399ad5a9866f59bd
1d51464a2bd03f2ca4489f53f4ace93784aaf19cb2275a1aaa5d9e49d6b55ef0
1fd8116c5077210f907d45572f6d6c26864ebf8f1f2f6fb697d960d77e01e049
203e4390dc46f359cded845d3340733a2bcbb487bf740e00876c28dc72cc1dc2
219ed77df33493466237a6ece4533ff51dd85ac0fa4ed6e9c97b8d82dcdb6e9e
22baf8c26d5e2dd5944258e859b2ddb157e0d7f6d042ff8e7884a62b544bd274
273d5708bde5ff46c08e2a3befb04ef8b8ed4b718d93d6e560e58577e9a9cf00
27f8d921ce2c6f867fe1a21f44677e808b7b187e928f5d1f90f1e656bef5d3c6
308e58fd030a351ff424b67df4719411282295af305ff518e5d8f7488993fc7f
30dbb7187d9b2a517f4e0f3ccbe4917199621938958dc340fe69455eaf43926b
32e5cc9f00c007299949d47a027fd6708abdacd5a9b2ad6ef4b2bccf5116b852
37aaa462a25ed2aa6ec53434469ac9b93446ac5608d7d8842ed874e0080e0d69
382c9c9e15509d4218042396db4f822f91b597579dd7e8e6fd6629e816f51f2f
38506f63d5c7176318d508ef5f7b2ec70f9652f9594c5e50118e10474e5f29c4
3d3802482a697e665f7ca4c59cda76aafe908748b01335a3689991ce1b4fdef6
3f44130c8dc8f1063465c3cc9caa864e46595f9cc8bb670672fc69f5dd95ad24
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45ccd4e7ded3d3b7f3f55cb9ce511871e405e924f112f3c5a7b272ffe4f1c8d0
47063f41c3b5adc05187ae338b281af3da4221f206c52a9e20bb1825092a9e46
4967060fc7ffe95133ff25c8a693d695ebb5a39abb2868dc3546f022d45b8b58
4c91959cba13f585a90c75338d4648c4a85ba1fa37bebc831ddc5570bb31b553
509b92c5e60e238dad7c43481ec3d21dc152dbeb0f37dcc6f25e59eec1907354
537e7eeb038fd2ccde897feb1355b6f15435578f44e20dbca59bb6a9384a4864
548cbb31ad32a5038c9cf9f2440ec5da8f2ad8f8c17ced1c9c85a310ed6d175b
564c4f5d8680a003bca270d6e838a262a1cef74ed915b4a28ba4bbc7db2f1d09
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
603dd772dd38d1decc8131c2226e430ebcff9054f27524648acee0b0f19c8c8f
6531d4fd95842f4c5c4671379df4c385e7de3a7043ad7fd9300ae82fc0d399d0
6620ed85d7329381553f8d9fd1dcf6afb9fec084bdf7657208db3eaf41ac58c8
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
6be7095fc7b4ccf33a454343009429cda6343ba3c32bb05f1c33a0f242ee2888
6dfd4cb135b7606de63844168312dc34df31c6b0a256258315f9afde5001f179
6e0cef5f730514ce810a9071373e2f7d98f5c0577fb6ba720840fb94254ebcbc
6e1b1e3c604972c779dcc1149be5533d0f9d80c963112e41cdc3d161f7665313
6e318fbd317db76a531e8e0c6e47f3e7c332ead501516090878e3352c591c250
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
700518d2a358476701cd12886720badd61247093b5db8e8fa05d3f001fb98f3e
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74048008ef95f248fc0a89430cb0979a5c2eaed7869ba722f8acada4649172e1
75ca0a760f4c7f0c139905e116f34f986b6b02272130c0b0b7cbcaa204ee60b1
7920e4a8708dcd13aea1848e19cd696d17552d84d933d1c86e2692c9cd7946c1
7d551e02c1b2aa885b9a7a5d1ce56556d8d020ab282fb26e59d70975a60f93e9
7d66bedb4dbdae6be999443f14a59f95d1b80ac3928eaefe9d3c7a2b49902c11
7df27ff3f4dcac385073e4a1c16d0e10faecd3611e63c2ce56e3fa88f99badbe
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
80e7ee7ede5a4db71238c4edcb7bbf74b92b57ee85e396b10a32c30207045a50
82676e92f611c5ce8cea71ff26615b9945733b5c275593911ac1f0d0bfe8fae1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
865bd4ece0b197f219858f3e24543e38b78e56705b0c5bccd85d419cebc34ecb
88887e72aef86d2096619a3a52ae50dddb1866d7a386a432b775c4518937f809
88c3e38c6cff216228fd1c9a8478ffcbdf104acc9cacc3682cab50b3b00f569f
8ac79e8889da963cd9af2f784b2ec35fe3eaf338e97eaa6f16a2ec6d1ab9a15c
8c58a438125e389f81b62999773d8d6cb9e25828bb6049248faa04c12d2bc8a7
8e80615421cbd6da5db1c00ef1a784a93cb97de466916c1f8b38f3a5c5813f62
8ef03654dd60e5166c6bae1478132437ecfd0182daa6619a9506b7fd3a84306c
8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31
927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d
927d7a06c3a685c18302027186c79ef32f52e2820597ccb7b8182f924cb0a3ae
9d8c0dc9ba43c853fa895eb086b4cfec87f94fe30fcacdd025fb50bcb3c70877
a196eb5557b9a8bd1752f3d901342a766f0faac96c67a062c468fc41e89f024c
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4f3d0629887daa602b75393bacd6b25f72f52178a45d807ac591a3f86afe40d
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a815fa97576e085b2346d2dd1d6c13912db81fa92c6c38b42919095aeb12eaab
a8e876745b33de44a899bfdbc9955324dbf4c439a28eb2e4db8f57aa56e23b56
a9885038c50d2ae4af29f5089c02051b3c87caccc4d8e42b4fe56208c16478ce
ae0e34ddfa3b4101e959cf733299371cc2419b9d7315a1cd684bd3655218874f
ae3617b19bca8babbd95f009b8454e5fa0e24bf588af91c915cf03980cee99bf
ae5b54c8b1fafb572a40451773558ca90e171cb1e5c89053e592d490bee9b6e8
b358b127d95abf969d41c6d9a9e24d713b169574c4b0853cd7075a98b84f3a9d
bb945b2f959684b8a243c282b0209432e5ebe3310ce8f6b46a9dee6b50b1fe3c
bdbc0662eaea08ee895735b67191d1e12382befb51dbe1130bf2eb7aa71067af
c4e4bef16ed551469cb66ec4e4a4402ce830dd400214f91a428af180a81e07ed
c4f1a413e47f90162ead328b5fe465ece8c0e32a1625bce9598d76c420a92f32
c4f74b02ce64c1bc1166ff6be0b2c0e05e243a93932f34dced5e4d0b45603fee
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c8aa708ff62a77e246435d69388ce7c198e787299c75af8b317b55b2538041b2
c94531eed7b28e06a929e1a001be4c117d296a8159c395aae04e5986c2e0dca2
cc682405da0c791261459c0e66f97a4c4c0226dcf0e5fed4cf9306d0f3f1e7cb
cea54b3bd16fab4ddc5e71278ef7817b674023c0ffa7c9e1d4ab82df53d1a652
cedf0379f2c7495afb13d43ef0a3037e4c8a402c4aee28dcdb5395bbd45bbdbc
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d64c41fed3880f6fd15ad7b41533ca1175ed775bd8bee072bb86dc075e5b3f91
dae01dc247a2a57dd65a9d1f4b4ee8a60a57fa709e4c73214d63825d88bd4c5e
db29d22df6af3730e903c9fda7ffcea7acf6a4f23adbf121c5b9911536f626fa
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcbc8cb6af046ec7ecac13536c24d091d0eb0717646765404fb94552d12d4f63
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
df9eec77780d071a2def5665a05435c4e19664cf3c4ded0f0c3ad44b568c4a2a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d08bae70ed238be5dd51ddabcaeda3cdb6b6675028f812a9c989cbdd2422f3
e9a2c91cb431087d329fa472b2af819011b804b2e47ca076134bac87296d2691
eb0f9bf45743e59f66ee7098fdc79b4ceb6685e63b35a6e146b3483ca36fdc3a
ebc210c3eec7ff1a8c50ae161aeb651e9c9795afa35456a770bdefb2dd7e7daa
edf5d541caca5cdba1417802ad63b784c665a0a9a4186f1a1ac4e43e1a24439f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8
f73ac769bc461e20e8815f4039b0a6af101bb64fa144f16a72c8a7e7a14bf364
f86e08b2390d477db93fb1f6549ef75530790c121d24a531a6acb0c0b811fceb
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
f9f78242449e559aa41ab44f9f2f9c8ebba706ad1cdd306022d8c7dc883e50d9
fa0fceb5b317e83fa2891fa73c495a1c02b6dd55f6a13de1e5466deed2c7a67d
fb7b878ca8be327909d9dbbaf8f2920ca3e81cda6c3ecc9dc041b725bb323203
fde247cb6279540b89d49510e8a03ab31a90b69d3da48d21268104cceead3848
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf
febc1b8a74870a853e0e9690945d214bf233ea868b75a8cccc304960c79fdc8c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

castellanbc.com Open in urlscan Pro 35.225.35.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

193 Requests

100 %HTTPS

69 %IPv6

31 Domains

43 Subdomains

37 IPs

3 Countries

2544 kBTransfer

7713 kBSize

6 Cookies

6 Outgoing links

Page URL History

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

castellanbc.com Open in urlscan Pro
35.225.35.51 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

100 %
HTTPS

69 %
IPv6

31
Domains

43
Subdomains

37
IPs

3
Countries

2544 kB
Transfer

7713 kB
Size

6
Cookies

193 HTTP transactions
1 data transactions