www.armorblox.com Open in urlscan Pro
2a05:d014:275:cb01:8909:43f0:2069:7b77 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Submission: On September 19 via api (September 19th 2022, 1:12:02 pm UTC) from US — Scanned from DE

Summary HTTP 217 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 33 domains to perform 217 HTTP transactions. The main IP is 2a05:d014:275:cb01:8909:43f0:2069:7b77, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.armorblox.com.
TLS certificate: Issued by R3 on September 18th 2022. Valid for: 3 months.

This is the only time www.armorblox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
66	2a05:d014:275... 2a05:d014:275:cb01:8909:43f0:2069:7b77	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:11a... 2a02:26f0:11a::6867:4841	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2600:9000:205... 2600:9000:2057:8a00:f:71f1:7280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4868	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	23.205.237.4 23.205.237.4	16625 (AKAMAI-AS) (AKAMAI-AS)
4	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	18.66.112.118 18.66.112.118	16509 (AMAZON-02) (AMAZON-02)
1	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1 2	52.51.145.228 52.51.145.228	16509 (AMAZON-02) (AMAZON-02)
6	104.16.93.80 104.16.93.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.89.99 143.204.89.99	16509 (AMAZON-02) (AMAZON-02)
8	96.16.137.162 96.16.137.162	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	184.73.246.234 184.73.246.234	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1ecd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	18.195.70.228 18.195.70.228	16509 (AMAZON-02) (AMAZON-02)
2 3	54.162.244.84 54.162.244.84	14618 (AMAZON-AES) (AMAZON-AES)
1	44.205.92.219 44.205.92.219	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
61	99.86.4.21 99.86.4.21	16509 (AMAZON-02) (AMAZON-02)
2	34.193.113.164 34.193.113.164	() ()
2	50.16.7.188 50.16.7.188	() ()
217	40

66 2a05:d014:275:cb01:8909:43f0:2069:7b77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

www.armorblox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:11a::6867:4841 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:2057:8a00:f:71f1:7280:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.armorblox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4868 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.237.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-237-4.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-118.fra56.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

metadata-static-files.sfo2.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.145.228 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-145-228.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.93.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-sj27.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-99.fra50.r.cloudfront.net

api.storyblok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 96.16.137.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-137-162.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.73.246.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-246-234.compute-1.amazonaws.com

analytics.humanautomation.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1ecd (United States)

ASN13335 (CLOUDFLARENET, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

176-xmj-030.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.70.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-70-228.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.162.244.84 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-244-84.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.205.92.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-92-219.compute-1.amazonaws.com

hemsync.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 99.86.4.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-21.fra6.r.cloudfront.net

rc-animation-feature.js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.113.164 (None, )

ASN- ()

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.7.188 (None, )

ASN- ()

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	armorblox.com www.armorblox.com assets.armorblox.com	6 MB
62	driftt.com js.driftt.com — Cisco Umbrella Rank: 4993 rc-animation-feature.js.driftt.com	732 KB
8	6sc.co j.6sc.co — Cisco Umbrella Rank: 6334 c.6sc.co — Cisco Umbrella Rank: 9557 b.6sc.co — Cisco Umbrella Rank: 4416	13 KB
6	marketo.com app-sj27.marketo.com — Cisco Umbrella Rank: 225024	144 KB
5	clickagy.com 2 redirects tags.clickagy.com — Cisco Umbrella Rank: 6675 aorta.clickagy.com — Cisco Umbrella Rank: 1502 hemsync.clickagy.com — Cisco Umbrella Rank: 5955	16 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	61 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 430 p.typekit.net — Cisco Umbrella Rank: 577	138 KB
4	drift.com metrics.api.drift.com bootstrap.api.drift.com	368 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 394 www.linkedin.com — Cisco Umbrella Rank: 623 px4.ads.linkedin.com — Cisco Umbrella Rank: 6198	3 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6352	763 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	763 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	3 KB
3	humanautomation.ai analytics.humanautomation.ai — Cisco Umbrella Rank: 310322	24 KB
3	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 7221	33 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 11205	422 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	315 B
2	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 624	521 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	54 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	111 KB
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 6762	1 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 2665	6 KB
2	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 410	8 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 561	98 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 396	304 B
1	mktoresp.com 176-xmj-030.mktoresp.com	318 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 432	705 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 9270	203 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4816	2 KB
1	storyblok.com api.storyblok.com — Cisco Umbrella Rank: 85868	23 KB
1	digitaloceanspaces.com metadata-static-files.sfo2.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 32800	6 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	16 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 769	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	81 KB
217	33

	Domain	Requested by
66	www.armorblox.com	www.armorblox.com cdn.bizible.com
61	rc-animation-feature.js.driftt.com	js.driftt.com rc-animation-feature.js.driftt.com
16	assets.armorblox.com	www.armorblox.com
6	b.6sc.co	www.armorblox.com
6	app-sj27.marketo.com	www.armorblox.com app-sj27.marketo.com
5	www.google-analytics.com	www.googletagmanager.com www.armorblox.com
4	use.typekit.net	www.armorblox.com use.typekit.net
3	aorta.clickagy.com	2 redirects cdn.bizible.com
3	www.google.de	www.armorblox.com
3	www.google.com	www.armorblox.com
3	analytics.humanautomation.ai	www.armorblox.com analytics.humanautomation.ai
3	cdn.bizible.com	www.googletagmanager.com www.armorblox.com cdn.bizible.com
2	bootstrap.api.drift.com	rc-animation-feature.js.driftt.com
2	metrics.api.drift.com	rc-animation-feature.js.driftt.com
2	epsilon.6sense.com	cdn.bizible.com
2	www.facebook.com	www.armorblox.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	px.ads.linkedin.com	2 redirects
2	insight.adsrvr.org	www.armorblox.com
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	connect.facebook.net	www.armorblox.com connect.facebook.net
2	segment.prod.bidr.io	1 redirects www.armorblox.com
2	munchkin.marketo.net	www.armorblox.com munchkin.marketo.net
2	cdn.cookielaw.org	www.armorblox.com cdn.cookielaw.org
1	id.rlcdn.com	www.armorblox.com
1	us-u.openx.net	www.armorblox.com
1	hemsync.clickagy.com	cdn.bizible.com
1	176-xmj-030.mktoresp.com	munchkin.marketo.net
1	tags.clickagy.com	ws.zoominfo.com
1	c.6sc.co	cdn.bizible.com
1	secure.adnxs.com	cdn.bizible.com
1	stats.g.doubleclick.net	cdn.bizible.com
1	px4.ads.linkedin.com	www.armorblox.com
1	www.linkedin.com	1 redirects
1	cdn.bizibly.com	www.armorblox.com
1	ws.zoominfo.com	www.armorblox.com
1	j.6sc.co	www.armorblox.com
1	api.storyblok.com	www.armorblox.com
1	metadata-static-files.sfo2.cdn.digitaloceanspaces.com	www.armorblox.com
1	js.driftt.com	www.armorblox.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	www.googletagmanager.com	www.armorblox.com
217	44

This site contains links to these domains. Also see Links.

Domain
get.armorblox.com
docs.microsoft.com
www.youtube.com
www.linkedin.com
www.facebook.com
www.twitter.com
armorblox.atlassian.net

Subject Issuer	Validity	Valid
armorblox.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
assets.armorblox.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-30` - `2023-07-31`	a year	crt.sh
drift.com Amazon	`2022-08-24` - `2023-09-21`	a year	crt.sh
*.sfo2.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-05-03`	a year	crt.sh
app-sj27.marketo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.storyblok.com Amazon	`2022-08-18` - `2023-09-15`	a year	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-28` - `2022-09-26`	3 months	crt.sh
analytics.humanautomation.ai Amazon	`2022-02-25` - `2023-03-26`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-13` - `2023-08-13`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.6sense.com Amazon	`2022-05-31` - `2023-06-29`	a year	crt.sh
*.clickagy.com Amazon	`2021-12-15` - `2023-01-12`	a year	crt.sh
*.drift.com Amazon	`2022-08-02` - `2023-08-31`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Frame ID: 0719CBB3B77DBA7D65D2157FFFF982D3
Requests: 151 HTTP requests in this frame

Frame: https://app-sj27.marketo.com/index.php/form/XDFrame
Frame ID: A467FF14534F2FDA195BBC1DCCACCF25
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 61E036B2D2C11569098F5F5AE09F39C1
Requests: 1 HTTP requests in this frame

Frame: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: DF1BFF13BE182CFBA045C72CF6DA3686
Requests: 31 HTTP requests in this frame

Frame: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
Frame ID: F651B53AF0539CFA8DD1DD6FD6309995
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blox Tales #11: Netflix Credential Phishing

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Marketo Forms (Widgets) Expand

Overall confidence: 100%
Detected patterns

marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

217
Requests

98 %
HTTPS

45 %
IPv6

33
Domains

44
Subdomains

40
IPs

6
Countries

7256 kB
Transfer

16438 kB
Size

36
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://get.armorblox.com/email-risk-assessment
Title: Free risk assessment

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/exchange-online-protection-overview?view=o365-worldwide
Title: Office 365 Exchange Online Protection

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCe1HUDYd6ZR4kwINgVWdRkA/featured

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/armorbloxinc/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/armorblox/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/armorblox

Search URL Search Domain Scan URL

URL: https://armorblox.atlassian.net/servicedesk/customer/portal/4
Title: Contact Support

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1

Request Chain 112

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593116818&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1814324%26time%3D1663593116818%26url%3Dhttps%253A%252F%252Fwww.armorblox.com%252Fblog%252Fblox-tales-netflix-credential-phishing%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593116818&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593116818&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&liSync=true&e_ipv6=AQI5T88PM9Ob0wAAAYNV4HeqVtlzFnZIAr0UAINX-s3mNhGpMg8O7QXFTPJyA2M7mBAUg2gp1CKL

Request Chain 142

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag HTTP 302
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D

Request Chain 143

https://aorta.clickagy.com/liveramp_redir HTTP 302
https://id.rlcdn.com/711861.gif

217 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.armorblox.com/blog/blox-tales-netflix-credential-phishing/ 88 KB
22 KB 291ms
117ms Document
text/html 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

6fb157dac2d6ccd2be331cc55e25534ae33cca5e7078fbc89576450e954a156d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 22537
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 13:10:54 GMT
etag: "cfcc030d23396a5d1ebca4ab36b60fce-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GDAY0W19BE495WA2ESC5XV28
x-xss-protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 105ms
48ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Sep 2022 13:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7BKk7WQU1Z9EDMZmf1T6Vg==
age: 8288
vary: Accept-Encoding
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Thu, 15 Sep 2022 18:22:15 GMT
server: cloudflare
etag: 0x8DA974737287FBC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5bd43f01-f01e-006a-3736-c9844d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74d291ee2fc0929c-FRA

GET
H2 200 jvs4ixc.css
use.typekit.net/ 3 KB
956 B 308ms
190ms Stylesheet
text/css 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/jvs4ixc.css

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fb54ec2c7611cd695804c36982789e9595d5bd6bdfee1571e7918485eb82c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Mon, 19 Sep 2022 13:11:56 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 724

GET
H2 200 webpack-runtime-d8318743b6b92913b350.js Show response
www.armorblox.com/ 5 KB
2 KB 29ms
23ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/webpack-runtime-d8318743b6b92913b350.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

f1890ff50be4ff79cf7cb28fed7df1839a7d430a9c31094810ec4ea8e5b2fffe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W5W9F2SA4MZX1YREGR4
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 18716
etag: "7175dfea5eaa6f4c8a10c49da3955951-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 07:59:59 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2086
x-xss-protection: 1; mode=block

GET
H2 200 framework-c35e70fad454c434ae6b.js Show response
www.armorblox.com/ 127 KB
41 KB 31ms
25ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/framework-c35e70fad454c434ae6b.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

daa698c8bbff0f8896f590e544f06c470d03af0dc6d7ecdec4b98e5f6580df5f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W5W59F51ZMMD818KN8P
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 18716
etag: "a8a6863aa2bfc86f87e9f673e9b6f860-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 07:59:59 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 42145
x-xss-protection: 1; mode=block

GET
H2 200 app-2759e81c69034ed02618.js Show response
www.armorblox.com/ 60 KB
18 KB 51ms
45ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/app-2759e81c69034ed02618.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

cb17ab922f4d5724f0a90ff0115610a966674e21428fa20b089f496a21cdf71d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W5WC1PCTRJY1496M114
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3799
etag: "03b92a58bce8cd2566ab17b51cdad94a-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 17962
x-xss-protection: 1; mode=block

GET
H2 200 styles-e9d24b1846c7d6eb9685.js Show response
www.armorblox.com/ 117 B
203 B 58ms
53ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/styles-e9d24b1846c7d6eb9685.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

dba17f1b29b3b3637d709f951023ea1655b08c6b4f40fd612c5e927ba72829fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W5WA5VB6Y38WNVRX0E7
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 99137
etag: "4e47c94435c6f8cd7757b3c4c1c8a2f0-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
accept-ranges: bytes
content-length: 117
x-xss-protection: 1; mode=block

GET
H2 200 252f366e-878adcd77ff7fad27068.js Show response
www.armorblox.com/ 877 B
965 B 60ms
54ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/252f366e-878adcd77ff7fad27068.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

89bedf9a0b818f5271c43462a30b5574c4dc36f2c79838902d03f005be824c0d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W5W6ENTNCQG49C8KGR9
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 99137
etag: "21d00b364ad7be16fc01c26b9ad7b804-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
accept-ranges: bytes
content-length: 877
x-xss-protection: 1; mode=block

GET
H2 200 78e521c3-38c3d291d904954b5308.js Show response
www.armorblox.com/ 621 B
735 B 55ms
49ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/78e521c3-38c3d291d904954b5308.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e4a3280211b5fd200c4d4d043763886820517771353f9fef82a88c52ab5855a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W5WW9S0DMG42P8JKKNH
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 99137
etag: "68a21c67246d61f0b61b7ce94fc6b5c6-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
accept-ranges: bytes
content-length: 621
x-xss-protection: 1; mode=block

GET
H2 200 1bfc9850-747a3e29b4cec7049a2c.js Show response
www.armorblox.com/ 2 KB
1 KB 64ms
58ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/1bfc9850-747a3e29b4cec7049a2c.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

6a8f5d3db22e41774d495f5590e386c65e45ee9d6e3019ade87e5a5f9eadf5b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W5WMRW2F6Q6S3CX9JGB
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 99137
etag: "a039afcfeab1db594d24bf2f01be8170-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1169
x-xss-protection: 1; mode=block

GET
H2 200 ae51ba48-e6ed8a47419732d3a4f8.js Show response
www.armorblox.com/ 607 B
694 B 61ms
56ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/ae51ba48-e6ed8a47419732d3a4f8.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

9ab17804e34a235e778a2fcad45aac8737900071ecc51aeb9b944942faddb8a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W5WCBTP6Q2PTQ6DF94C
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 99137
etag: "fffd344963cd70e183859062aae6db03-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
accept-ranges: bytes
content-length: 607
x-xss-protection: 1; mode=block

GET
H2 200 3d360dac-197c1f96ffca55a9d033.js Show response
www.armorblox.com/ 345 KB
89 KB 66ms
60ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/3d360dac-197c1f96ffca55a9d033.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e416bac21f51ef7a9aa172a4c2f761846cb36fe6ae55b6439a6db80b3ff548ad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W5WP5WMFXVCP4946QA1
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3798
etag: "31ad224a3d00395901ff5cfee45111b8-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 91426
x-xss-protection: 1; mode=block

GET
H2 200 629e4ffc-1c5d96352745684bfb96.js Show response
www.armorblox.com/ 606 KB
296 KB 76ms
71ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/629e4ffc-1c5d96352745684bfb96.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e833fbc02878a06d85aa9e8378e939c676f085fbe2d7d385c85450538bfcbc92

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W5WGKVJ1S9W45WJ0ZZB
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3798
etag: "c8bd496380c82e13d91c6a87324575f2-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 303021
x-xss-protection: 1; mode=block

GET
H2 200 31664189-21a22dc27022fc7662f7.js Show response
www.armorblox.com/ 2 KB
1 KB 77ms
72ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/31664189-21a22dc27022fc7662f7.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

03f8a6e311621073ef87440db078abf904e8b830e51fa2a39188ce5915531e68

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6H0B9Y2Z4JB9BR23RH
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 99137
etag: "951383096c4a29a407644a61a815a06f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1138
x-xss-protection: 1; mode=block

GET
H2 200 05bddfcc-cef3482026f07fef8c7f.js Show response
www.armorblox.com/ 217 B
303 B 78ms
73ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/05bddfcc-cef3482026f07fef8c7f.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

b726950d58a01f4ff987fc29a610f871b1055f749185e626a4b1916f968f1bb5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6HAW4K5YS7M4SFB0AV
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 99137
etag: "b1c7638ce050c9deddafb22cf07edca9-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
accept-ranges: bytes
content-length: 217
x-xss-protection: 1; mode=block

GET
H2 200 a4c92b5b-570fdb38251a4efdf646.js Show response
www.armorblox.com/ 132 KB
31 KB 79ms
74ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/a4c92b5b-570fdb38251a4efdf646.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

5e206d921645cdd77ae1c4fb411bf3d04032d350cddadeb6888dd566ae1d5095

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6HF6Y0REDRK6Q48611
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3798
etag: "eb3f2f9c23f2fae56714fbab50feea47-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 32085
x-xss-protection: 1; mode=block

GET
H2 200 d64684d8-61b9f5b8dac28b8c654b.js Show response
www.armorblox.com/ 505 B
592 B 82ms
78ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/d64684d8-61b9f5b8dac28b8c654b.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

eaf1df68503e4437806bb51d28eefe54beeebdf13684a25f2d6a9a86ee96dc32

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6HCNY7J0N3ZPC3QV33
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 99137
etag: "ffb7342c734dd147905c2ee3e46ece4c-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
accept-ranges: bytes
content-length: 505
x-xss-protection: 1; mode=block

GET
H2 200 e8975190-80cdbb1cdf9a33e66010.js Show response
www.armorblox.com/ 168 KB
18 KB 83ms
79ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/e8975190-80cdbb1cdf9a33e66010.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a58dbc67f90f6006af9638b454c3cc2d65cc7125947095587ea7c4b372b11aeb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6HQ05WZ4GYS3K8542T
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3799
etag: "44a5ffba18976b48dd60af6be975146c-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18256
x-xss-protection: 1; mode=block

GET
H2 200 commons-53bd057bcb8b6db9f0ac.js Show response
www.armorblox.com/ 187 KB
61 KB 84ms
79ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/commons-53bd057bcb8b6db9f0ac.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

5609cd1f7eecd11ee97aac287f6d44f91cb1c19f16d6fa11fd82acab3eb9cb75

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6H2N78GKQMBY3Q7BFV
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3798
etag: "2c4ce318dd5c5da4ed12ccd014aa31cf-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 62651
x-xss-protection: 1; mode=block

GET
H2 200 cb2850d0e5c937a7e805dcf7085da3aca12fa612-b87894f87a8241fd9dbb.js Show response
www.armorblox.com/ 1 MB
370 KB 103ms
99ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/cb2850d0e5c937a7e805dcf7085da3aca12fa612-b87894f87a8241fd9dbb.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e5035c8d058e1c25449d6d4852b063de6329a8b4a73dc84f94fbb405f8967d35

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6HRM50EA4NEP1M1GGK
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3798
etag: "992d398ab821cc537fb1d7919560c5ee-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 378392
x-xss-protection: 1; mode=block

GET
H2 200 component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js Show response
www.armorblox.com/ 1 KB
701 B 104ms
100ms Script
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

9a955a830fe4c3916de9ff562a0b8b315e40a862dadd9e456b3266ebb1131497

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6HRS762D0EE310QTHT
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 99137
etag: "2d0811591db3318cce645b6711f1a16e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 584
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/blog/blox-tales-netflix-credential-phishing/ 30 KB
8 KB 104ms
100ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/blox-tales-netflix-credential-phishing/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

4220b911e738c2f8bba237c1e36999914165cd1fa8a1dea1240a87fc461f5f65

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6H6JK3VEJR02BBXKQK
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 61
etag: "6208b5bcf4720bcd5fe13ce65647604c-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 13:10:54 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 8469
x-xss-protection: 1; mode=block

GET
H2 200 1199463856.json
www.armorblox.com/page-data/sq/d/ 2 MB
394 KB 120ms
116ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/1199463856.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a40b9fa9a7440c38759c2c8402474e113d3956bb08b77159a4791864d5fb3345

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6JJDG03TP9G8FK4G0E
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3798
etag: "f22f1cfda0effd70d43ce9f3a1393417-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 403201
x-xss-protection: 1; mode=block

GET
H2 200 1347410642.json
www.armorblox.com/page-data/sq/d/ 34 KB
6 KB 120ms
117ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/1347410642.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

f1d2fc79d147c71aa167b407a47319b8c856948b3200705890a96b312ddf1664

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6HXJCS18PD4P3AMN72
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3798
etag: "ab0203806dc59f8875dd7f91347c6bd7-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 6017
x-xss-protection: 1; mode=block

GET
H2 200 1764408108.json
www.armorblox.com/page-data/sq/d/ 148 KB
36 KB 124ms
120ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/1764408108.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

b3d5b4be6e7a2889c7f7b173472375ce3b2da6033948af5a4484bb7530f06552

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6H8R62T8XVT10VXEGB
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3799
etag: "c45e2dde85c36b6ef33ae9ed7634b313-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 36567
x-xss-protection: 1; mode=block

GET
H2 200 1832314599.json
www.armorblox.com/page-data/sq/d/ 149 KB
36 KB 129ms
125ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/1832314599.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

1d974f1e1e970e41c63cb0e33398d884db88acac2ba98ec8b9a8df204fd310fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6JM6D3ADNEHGNWR6DC
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3798
etag: "47e9bdd8f6d48a971190f3f8b959ab3c-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 36675
x-xss-protection: 1; mode=block

GET
H2 200 2204046486.json
www.armorblox.com/page-data/sq/d/ 43 B
157 B 145ms
141ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/2204046486.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

4dbd2d6a9d8933cdd26df1809257010c691bdedc772dd8287e26cdd8963ccbca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6HQAAHR2E3JN4Z0C89
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 99137
etag: "7a24ccbfda83f0e7500f61ee8c02de4a-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
accept-ranges: bytes
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 2493646278.json
www.armorblox.com/page-data/sq/d/ 422 B
508 B 145ms
142ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/2493646278.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

2bc74d8ac684c2c07dc2c4c8d3df18d6f350631954a49fb342eac5aa13dda267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6HC2133D1SNEBEX0YX
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 99137
etag: "abaa6108b4739bc00b6bc939a40bb9b7-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
accept-ranges: bytes
content-length: 422
x-xss-protection: 1; mode=block

GET
H2 200 2732447379.json
www.armorblox.com/page-data/sq/d/ 64 KB
18 KB 145ms
142ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/2732447379.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

85309942cee52cab47e92148f4c21f15984a1e08a6ed7cbb63e275cabd3dc075

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6JS4GQFYAY1HCKA1KD
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3798
etag: "6e226d2de0b26b397a5d962fd6fc1f37-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 17846
x-xss-protection: 1; mode=block

GET
H2 200 2932681485.json
www.armorblox.com/page-data/sq/d/ 70 B
156 B 147ms
144ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/2932681485.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

78df6e891c6153241987a2beb3ae39271274a094c36de4922cdc69a23b4811b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6JCQD5CTW8MK7P90N2
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 99137
etag: "3cecab4f00ff69d710bf2664e4e24ff4-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
accept-ranges: bytes
content-length: 70
x-xss-protection: 1; mode=block

GET
H2 200 3040308473.json
www.armorblox.com/page-data/sq/d/ 2 MB
388 KB 148ms
145ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3040308473.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

71b0089d7c527e6a7531b790e4506f3b2705f5cbb8b3f95a5ceef1fa55cf9338

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6JKR8N92H5V1K7M97W
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3799
etag: "a8f7633408f4040faaa9290cb5b3254e-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 396835
x-xss-protection: 1; mode=block

GET
H2 200 3323934922.json
www.armorblox.com/page-data/sq/d/ 590 B
678 B 148ms
145ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3323934922.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a88cd5d2766532b8d722540581011ad2fe22441f7ec0db584d86dea3787f2fa9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6JWDCTP54YERC609BN
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 99137
etag: "3962cda75141ac7d71585dd135b5f385-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
accept-ranges: bytes
content-length: 590
x-xss-protection: 1; mode=block

GET
H2 200 3447689480.json
www.armorblox.com/page-data/sq/d/ 3 KB
660 B 148ms
145ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3447689480.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

273b9dc19af04ac2dd618b4b6ae690c2bf7bde4715d13a48126a75b68eebaeb3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6HC85NPQ35TJRNXSTY
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 99137
etag: "aeec773a3b5b72960ee83cedc4129fbc-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 570
x-xss-protection: 1; mode=block

GET
H2 200 3475154746.json
www.armorblox.com/page-data/sq/d/ 40 KB
7 KB 148ms
146ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3475154746.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

260c3eb2159e04ce0d647d9beb0e3f2758a82136ea5806d32ea3c50d1b2d8d3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6HZ8S4V9BCPGM3JJS9
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3798
etag: "148d2c752cfd2b8b379f1a8e8eec4b57-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7008
x-xss-protection: 1; mode=block

GET
H2 200 3627728446.json
www.armorblox.com/page-data/sq/d/ 32 KB
5 KB 150ms
148ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3627728446.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

8b29ef7adac993a0cb8042dcb6705fe6e6b13ae8d3c4bf2f6579aa6ae90ae534

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6HZXYSCR6EACB8P1K9
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3798
etag: "673d8f63b45fe642d30e3504409603f5-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5351
x-xss-protection: 1; mode=block

GET
H2 200 4183231755.json
www.armorblox.com/page-data/sq/d/ 2 MB
387 KB 151ms
149ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/4183231755.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

8f27cedaf17cda78d6e31b33e5bf69837621e7f41d1aaaf2305ab154cc33064e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6J30P0XPEXPPBJYHMH
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3798
etag: "f1c38602db5ca63ea1a691ada6043742-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 395576
x-xss-protection: 1; mode=block

GET
H2 200 app-data.json
www.armorblox.com/page-data/ 50 B
138 B 151ms
149ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/app-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

15d69b5673cf488a9115372ebf1c3c3410cc5f9aaf58b283ec5c450aa9eb3d0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0W6J4FKBVW9MY3QV4GZR
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 99137
etag: "4b89934db09ddbc79606e1d20a6b879d-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
accept-ranges: bytes
content-length: 50
x-xss-protection: 1; mode=block

GET
H2 200 netflix-credential-phishing-thumbnail.png
assets.armorblox.com/f/52352/960x540/e0bf661e4a/ 14 KB
14 KB 575ms
416ms Image
image/png 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/960x540/e0bf661e4a/netflix-credential-phishing-thumbnail.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae67e45cd6461f3b5066ec7092c7b75d782741091fe7d7a852f09090a41bb470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: .vOlEhmLX3cqBdKZiYKFNJ7u.yfR8MJ1
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "8dcae63f6b2ce11aab0826f4d2c7b5b1"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 14061
last-modified: Tue, 21 Jul 2020 00:46:36 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7smLkTulxsrooezQMHAY2IblEAx5f9CKFjEylTqf5tiAE2fcaQU1tg==
expires: Wed, 21 Jul 2021 00:46:35 GMT

GET
H2 200 netflix-credential-phishing-attack-flow.png
assets.armorblox.com/f/52352/1268x714/6b240e7a2c/ 614 KB
617 KB 656ms
497ms Image
image/png 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/1268x714/6b240e7a2c/netflix-credential-phishing-attack-flow.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08f2c07d0512cf4fded20fafb75e78d1ec3f9f40b739c1c04a72f18566c762a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: N3LBHMPyBQ45gXSgeMaivGJxGHx5MYyn
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "7f881f9c345e5f6bda3d2df2cab07d98"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 629164
last-modified: Tue, 21 Jul 2020 17:10:37 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: gi7ivhCVhvvG6POomwZWaRxoGYLhXgxdCpYDfBaFgyEnYhBIaWYd0g==
expires: Wed, 21 Jul 2021 17:10:36 GMT

GET
H2 200 netflix-phishing-email-body-final.png
assets.armorblox.com/f/52352/545x482/5f2f64ad57/ 59 KB
59 KB 576ms
418ms Image
image/png 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/545x482/5f2f64ad57/netflix-phishing-email-body-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 792506c76d7f282c24ae785c306e1027e4238d09ffdd2c33df7a6cbb5fe4e43b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: apuSvUMscZh5xlJJoQqsKLKFj7IuaFVe
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "1062ea047b3530f590943c24444d9a43"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 60055
last-modified: Tue, 21 Jul 2020 17:12:47 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ONJ2T6QLPSWupNXnrMLp6-sG9x335tLqYnJenZiKfYrwbHI3ygnCdw==
expires: Wed, 21 Jul 2021 17:12:46 GMT

GET
H2 200 netflix-captcha-final.png
assets.armorblox.com/f/52352/529x384/bd43a21fb5/ 16 KB
17 KB 654ms
496ms Image
image/png 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/529x384/bd43a21fb5/netflix-captcha-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bcc8bb2f2e6001f7731f1b972e939012587a465345af843c6ab9a9c461aeb8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: y1qdSGVHKj7dI8cCfD9rWrqpcV03It0h
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "f2bda5ffcf60436a21cf705eb9307035"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 16669
last-modified: Tue, 21 Jul 2020 00:30:14 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: mJ2LGrNNfV28YuJA1VMxaxvRLVZB321FWiZdFRurqRz2_GbPLfOWlA==
expires: Wed, 21 Jul 2021 00:30:13 GMT

GET
H2 200 whf-netflix-final.png
assets.armorblox.com/f/52352/652x386/c54ef09c4a/ 271 KB
272 KB 627ms
469ms Image
image/png 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/652x386/c54ef09c4a/whf-netflix-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eefeea093168e2e7c715358344b72d9aaf8815d2deb320dcaa934e4d51eb147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: Rz_dbCl_tOV6lHxc91krFoUvDbgnHOV9
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "b38d57f5d5f89e267d65acf88c7b5756"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 277779
last-modified: Tue, 21 Jul 2020 00:31:53 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: JW6q5E91EEBPs1KXux3jkiX4MgdsJJpggJOt5qElDrLFEv1aiTsD9g==
expires: Wed, 21 Jul 2021 00:31:52 GMT

GET
H2 200 netflix-whois-record-final.png
assets.armorblox.com/f/52352/788x285/980a1d052e/ 118 KB
119 KB 600ms
442ms Image
image/png 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/788x285/980a1d052e/netflix-whois-record-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 672eff660abe4418afe333b3314d7145f844762d61b7b2b340f99c71775d7dfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: 9uc3a_H6HiOlHiMt25FkuqoCV2I.EItW
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "d4f343a124ac5ae993e8e8de4400be16"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 121252
last-modified: Tue, 21 Jul 2020 00:32:49 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: oM6SCoBody28tOg44M1cYkldyUaMg-QMzrxuqvwlqW7pNOjdEHSzoA==
expires: Wed, 21 Jul 2021 00:32:48 GMT

GET
H2 200 netflix-login-page-final.png
assets.armorblox.com/f/52352/897x571/c0ad2de7a6/ 754 KB
757 KB 492ms
492ms Image
image/png 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/897x571/c0ad2de7a6/netflix-login-page-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edc6475a76eaa61e6c169cfb7bc233e617fb7322904a194355fcbd7e34e61f41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: pdYFfaE5C0swNock1MTONhOZDqg0nPoF
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "7dca10e7ab25a2af58236bb2dfa07ed5"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 772088
last-modified: Tue, 21 Jul 2020 00:34:13 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: oxeebfqb3lexV_i7LfT4ANZkK4f3haJhfmcC-ZouoaMMIPm04FhW8A==
expires: Wed, 21 Jul 2021 00:34:11 GMT

GET
H2 200 netflix-billing-address-final.png
assets.armorblox.com/f/52352/712x571/1cc07c523f/ 597 KB
598 KB 493ms
492ms Image
image/png 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/712x571/1cc07c523f/netflix-billing-address-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c103627751ca38778b802e130cfa523aa0fb47552fada36f9cafca65dc8bf7e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: MBHkMX85oXVIAIbCtsBCqexfhObTnqga
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "ce9df454bfb392c214af5eea697c23e3"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 611556
last-modified: Tue, 21 Jul 2020 00:35:06 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: hG7_ks0HwFyWDvH5YaxUWD8ijA7vquItE7RCoRYnmlgKcB1D1y7sNQ==
expires: Wed, 21 Jul 2021 00:35:05 GMT

GET
H2 200 netflix-payment-page-final.png
assets.armorblox.com/f/52352/724x571/572b19b667/ 629 KB
631 KB 491ms
490ms Image
image/png 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/724x571/572b19b667/netflix-payment-page-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a808a0d38265362afe28171f6ea9eafcd29fe350d2fe54418ca4b9f593707d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: n_VELHOt79bd3wBynyxWjDdRZKcrdDuD
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "b03879bb786edf619e3d2e29669ce9bd"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 643885
last-modified: Tue, 21 Jul 2020 00:35:37 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: QWgR3X3pDDER5GFahTozByERaP8Ce2DhkTglFy-ioh1e7em8ndtnSQ==
expires: Wed, 21 Jul 2021 00:35:36 GMT

GET
H2 200 netflix-email-header-final.png
assets.armorblox.com/f/52352/1254x304/fec1a461f7/ 66 KB
66 KB 490ms
489ms Image
image/png 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/1254x304/fec1a461f7/netflix-email-header-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e079894f0fbf15f3eaa5d999e208a2604f5ea85e7e3790013b1e990e01dcf0dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: jbRGS7ZU.D8H2ZJ3rjQDOgFnCbGCgpqU
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "9888c591dc6602beefc051dc460d1f52"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 67299
last-modified: Tue, 21 Jul 2020 00:37:33 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -7oCPxQmg1yiykjsLAsynQgw7jvcKU31zcDBpqP_dtzSxhgjKJZfng==
expires: Wed, 21 Jul 2021 00:37:31 GMT

GET
H2 200 youtube.svg
assets.armorblox.com/f/52352/x/7453252d4c/ 704 B
1 KB 491ms
491ms Image
image/svg+xml 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/x/7453252d4c/youtube.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b6f9abbe03119dc36e88acddcb8e50d8522352723c5fd5f1e6c0c3426b4ff5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: lbRkzmHrb2xeGv_ziOr8RkpI_LZPvXwB
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "657583ff2e768183a5fb64fb0b9e7d2f"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 704
last-modified: Thu, 24 Jun 2021 18:08:06 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4rkeJwMsBRMyRj9Zo8OeFMygHj3Q35CyTLUot5U23wz-zlKvkS36EQ==
expires: Fri, 24 Jun 2022 18:08:05 GMT

GET
H2 200 linkedin.svg
assets.armorblox.com/f/52352/x/155bd1c707/ 812 B
1 KB 491ms
491ms Image
image/svg+xml 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/x/155bd1c707/linkedin.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b75d669453c5377eebafda19b9ae0b4583853a06a5ba817fad8174adacf7fe69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: XsESDOX82cYk.RLqQtoILFecu6jiFmP.
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "21ef1437b68ac009fef5345d7e32ab29"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 812
last-modified: Thu, 24 Jun 2021 18:07:38 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: YcEV2kI0dTwlg0rDig76LMT7sGUWMWNvk31U3aDab1BVK1akYHtvOA==
expires: Fri, 24 Jun 2022 18:07:37 GMT

GET
H2 200 facebook.svg
assets.armorblox.com/f/52352/x/64fd04f4ec/ 534 B
1007 B 490ms
490ms Image
image/svg+xml 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/x/64fd04f4ec/facebook.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 132e0a9dd6275c5353db596f5fec132a5120ff9ad39ab3d27eb4e7ad2b7f9a26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: qiC.VGaumdHq7VFjbEBar5PwE9WXg5jm
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "49954fbdf18ba81327981eab1758dc55"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 534
last-modified: Tue, 29 Jun 2021 00:30:31 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6JHlibs4bK9eFHmNzP95fW3K7uNSq_YeNXxZPgslbX8kzyI9AKfMfQ==
expires: Wed, 29 Jun 2022 00:30:30 GMT

GET
H2 200 twitter.svg
assets.armorblox.com/f/52352/x/e0446ad765/ 963 B
1 KB 492ms
491ms Image
image/svg+xml 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/x/e0446ad765/twitter.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7001ada63b35c370c5c207ef8c85d0ae5bd79c826599f1d2bc36de67a6531ea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: NfDoMuB.euKHPI_VkVpl9j.6PBlb08gC
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "a289a62d76fd458b5967482c532773c9"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 963
last-modified: Thu, 24 Jun 2021 17:59:33 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pcYEz1H0THIhT0r3dfHSCJepHbcLolC35cJtuHwl-dAVl1Oj1t4Tpg==
expires: Fri, 24 Jun 2022 17:59:31 GMT

GET
H2 404 7f7cd6ac-ebaf-475e-ab1e-e0e05d364990.json Show response
cdn.cookielaw.org/consent/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990/ 215 B
581 B 79ms
35ms XHR
application/xml 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fa43750cb547f586079eeae5798a3a92b84459973c3afa6dc6c5117ade20e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 61
vary: Accept-Encoding
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 4e94c605-701e-00bc-6a29-cccf97000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 74d291eed9006967-FRA
expires: Mon, 19 Sep 2022 17:11:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 232 KB
81 KB 352ms
44ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1246259c5cf8f47c60b8c93a1610f9fc1a19c0bf89a6efccce7792d6993066d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82127
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Sep 2022 13:11:56 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04f9098825e7c5644552ed96fd1e01bba9bd0c074784d085108ffcc889c06f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 341 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5571f1943dcc57dfed00e9e8c9bcd1588d1b9eccceb9c9472219167cdad0e933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47d0606aac29b8e5df0845350e3fec479cc51387efb7fef9b3c7bb181b8c7a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 136ms
21ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=jvs4ixc&ht=tk&f=17001.17005.22622.22658&a=85898256&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 19 Sep 2022 13:11:56 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/3ec29d/00000000000000007735a1b1/30/ 46 KB
47 KB 132ms
34ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3ec29d/00000000000000007735a1b1/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 276ce26603da0a4bf9d16f692e149734aa6a26eb4e56885938cd8c5582c6d423

Request headers

Referer: https://use.typekit.net/jvs4ixc.css
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
server: nginx
etag: "3a10c5262b240475e5bca5e7da48ec50b8a32efc"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47364

GET
H2 200 l
use.typekit.net/af/5d2da8/00000000000000007735a1ac/30/ 48 KB
48 KB 133ms
40ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5d2da8/00000000000000007735a1ac/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3cb45867ace25baa1d6bcd56d05739fa8733cbadd9959fb33c2c038037a8742d

Request headers

Referer: https://use.typekit.net/jvs4ixc.css
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
server: nginx
etag: "c8259a14b519552d38e884fd3c99e38df688eca8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48668

GET
H2 200 l
use.typekit.net/af/d9e6fa/00000000000000007735a1c3/30/ 43 KB
43 KB 169ms
80ms Font
application/font-woff2 2a02:26f0:11a::6867:4841
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d9e6fa/00000000000000007735a1c3/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d3629679a7b8c5d0d6af84a5aca6ef0e8fb7f966b39c6a64cd584dbeef2ca5ce

Request headers

Referer: https://use.typekit.net/jvs4ixc.css
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
server: nginx
etag: "deedb6e32ad5c2c4c06c04c78a4e7af1ce7e86a4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43648

GET
H2 200 logo_color.svg
assets.armorblox.com/f/52352/775x159/8fa6246e47/ 5 KB
2 KB 406ms
405ms Image
image/svg+xml 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/775x159/8fa6246e47/logo_color.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0b8a9530fe420d782e19330e0f0efa1063be86f3ddb516908afcd3ae653ac5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: mz7FuZyYU2Vi0U2XIKm7_i5TkImigldk
content-encoding: gzip
last-modified: Tue, 22 Jan 2019 17:30:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"bd9097047e005ccf1fd3c513042585c6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
cache-control: public; max-age=31536000
date: Mon, 19 Sep 2022 13:11:57 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-id: 7xHRY5epahx7j66pVFJ3rC5c9ttg0AIJUyzDpmjH0LyrzTUBkIlmyQ==
expires: Wed, 22 Jan 2020 17:30:47 GMT

GET
H2 200 abhishek-photo.jpg
assets.armorblox.com/f/52352/720x960/f3b816ebbc/ 79 KB
80 KB 434ms
434ms Image
image/jpeg 2600:9000:2057:8a00:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/720x960/f3b816ebbc/abhishek-photo.jpg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8a00:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc1365163acf680a1f6034ea4ffb60b748a7a71ebee3d911989771b4962486d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: Qe8uGuGaixjXrZwpkfil0TFqIk07FO1j
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
etag: "0525b55370c4b740b0923fbab23957db"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 81210
last-modified: Wed, 05 Feb 2020 00:27:00 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:11:57 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: fG_G-kAQ44qpfq4lRgE1JpvUC7IdZMXrt44QYnSIiYCBzohY6fYDpA==
expires: Thu, 04 Feb 2021 00:26:59 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 153ms
37ms Script
application/x-javascript 2a02:26f0:11a::6867:4868
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4868 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=39744
accept-ranges: bytes
content-length: 3063

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 105 KB
41 KB 94ms
40ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-P34TZX3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8eba5a7ceaec1b523c20b1a82dc4226ebbe7931530fed009e97b9df5d9e6367c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41724
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Sep 2022 13:11:56 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 148ms
75ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 13:11:56 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 369ms
309ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 13:11:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 728

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 120ms
24ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: 4120c62c25cd2f9d7f5155aaf84f772c08e18dd1be19e39ed0d866d3916bedce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 21:24:41 GMT
server: ECS (frb/67D4)
age: 57418
etag: "5ba639149c9d81:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32316

GET
H2 200 ikk2zzg7t3aw.js Show response
js.driftt.com/include/1663593300000/ 214 KB
61 KB 259ms
170ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1663593300000/ikk2zzg7t3aw.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

230cef17f8b019c9e5987e1966b3e131c21fa794a0d76b3a4a712fa849dbee58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: N6U5KL_Z1eVcggYSKxAOUng14z.yWLni
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
etag: W/"7fcb1454db860e57f83119b09d3fdb80"
x-amz-cf-pop: IAD89-P1, FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 21:04:17 GMT
server: nginx
date: Mon, 19 Sep 2022 13:11:56 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true, true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HlwKNo95eTpiQGWTsStyVk4jfprK-AGBTK4LaCgIRoNFZR_U5OPAaQ==

GET
H2 200 lp.js Show response
metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/ 6 KB
6 KB 202ms
128ms Script
application/x-javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

da5d487f1fe8c4f5bba93bab0b071aed1249cf770ffdbc0144a86a4c2bae3c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
last-modified: Fri, 10 Dec 2021 19:19:18 GMT
x-amz-request-id: tx0000000000000a5342aaf-00631fb4f1-3ade2f46-sfo2a
etag: "b407e44b8c40c183ae2c50df3bbcf151"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1663593116.dop054.fr8.t,1663593116.cds106.fr8.hn,1663593116.cds270.fr8.c
content-type: application/x-javascript
cache-control: max-age=34005
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 5673

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1

43 B
793 B

43ms
43ms

Image
image/gif

52.51.145.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

HTTP/1.1

Server

52.51.145.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-145-228.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 19 Sep 2022 13:11:57 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1
Date: Mon, 19 Sep 2022 13:11:57 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 forms2.min.js Show response
app-sj27.marketo.com/js/forms2/js/ 208 KB
69 KB 245ms
70ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/cb2850d0e5c937a7e805dcf7085da3aca12fa612-b87894f87a8241fd9dbb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2022 04:27:51 GMT
server: cloudflare
age: 3351
etag: "25e05e2-33e56-5e731742b0ec1"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 74d291f48f1b9b1c-FRA
expires: Mon, 19 Sep 2022 17:11:56 GMT

GET
H2 200 stories Show response
api.storyblok.com/v1/cdn/ 67 KB
23 KB 112ms
28ms XHR
application/json 143.204.89.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.storyblok.com/v1/cdn/stories?token=Qd69ZOZO6sHj2uVQzEsu3gtt&by_uuids=c30cefe9-d11f-4511-9958-5e9a0879a791,623ef6b2-4f7f-4901-9a02-55f797403c9e,f673115e-dd13-4409-9ba6-bc1025704c0b,bb1bb925-f90d-4afd-9e42-ba46883b8ece,c65903fa-9042-472f-b942-6d8fd4c4c0e9,711ed5f7-c3b1-4e20-b751-184bc4811c8a

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/cb2850d0e5c937a7e805dcf7085da3aca12fa612-b87894f87a8241fd9dbb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-99.fra50.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

42a8f795eb7183f35ebfa83536ce0c6bac400c532157b6cd0551ab3952ade5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 10:47:02 GMT
total: 6
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 8694
x-cache: Hit from cloudfront
per-page: 25
content-encoding: gzip
vary: Accept-Encoding,Origin
x-xss-protection: 1; mode=block
x-request-id: 9d14c8f7-d268-4655-9013-b4fc47e31c54
x-runtime: 0.060442
access-control-allow-origin: https://www.armorblox.com
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"42a8f795eb7183f35ebfa83536ce0c6b"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=utf-8
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
access-control-expose-headers: Api-Version, Token, Total, Per-Page
cache-control: max-age=0, public, s-maxage=604800
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
link
x-amz-cf-id: K2cHsyRsQhLtyrsLsf3sv78HRaIMZxHKotgu5jrpdNmilzFtC3WocA==

GET
H2 200 page-data.json
www.armorblox.com/page-data/index/ 0
10 KB 27ms
22ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/index/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X1K4RTJEXSBA1ZTPNX0
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3791
etag: "60b3ad9d242a39c1f564a9c2a3287bb7-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:45 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10292
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/blog/ 0
5 KB 40ms
36ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X1MAXEZRCW7QDBD2AM6
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 70416
etag: "93e378674244b50145d530929bf27a92-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 17:38:21 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5449
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/ 0
9 KB 27ms
23ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X1MGWJGGQ2AN24D8062
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85960
etag: "7adfe3816bedb0f2c778181f307eaf39-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9523
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/blog/authors/abhishek-iyer/ 0
5 KB 27ms
24ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/authors/abhishek-iyer/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X1MD2TEMF7EDZPHF6NK
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 61
etag: "0af76f08c60c10c67c9aa2bbc05c0955-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 13:10:55 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5040
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/ 0
11 KB 28ms
24ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X1MNJK9W29WFEX5C7HM
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85960
etag: "5411a8413360ef760775c56e4d39463f-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10842
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/microsoft/ 0
10 KB 27ms
24ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/microsoft/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X1MEWEEKWNQ3DVGW6FP
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85961
etag: "bba2c8576f91a1360379ac962b5db331-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:16 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9819
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/industries/financial-services-email-security/ 0
11 KB 32ms
29ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/financial-services-email-security/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X1M1K8XDZ8Z9RHS0QBV
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85961
etag: "752a4f76a8c8be6ec6bd1c268838efcc-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:16 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10903
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/industries/education-industry-email-security/ 0
11 KB 28ms
25ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/education-industry-email-security/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X1MRQPTWASSJK2N859M
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85960
etag: "2102beee383b11bd12978dc7c98dc894-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11288
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/email-account-compromise/ 0
11 KB 36ms
33ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/email-account-compromise/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X1MJSJT97NQ4EH2EZY9
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3791
etag: "611164b4f3e5f6c850cc0a1295c23fa8-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:45 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11435
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/business-email-compromise/ 0
12 KB 28ms
26ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/business-email-compromise/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X1M2NYKYMSMFG7001JY
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85960
etag: "19b823b1ca4a078af703281aac9ed19e-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11675
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/customers/ 0
10 KB 48ms
46ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/customers/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X2AFFEEFJA7EF673QY6
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85960
etag: "c6e46550fb0812a1a43fe140e46ee0b8-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10617
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/industries/healthcare-email-security/ 0
11 KB 48ms
46ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/healthcare-email-security/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X29ETPZZ68VXP6H9K3W
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85961
etag: "829212c216ea1ae673a0a4135f797829-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:16 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10898
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/data-loss-prevention/ 0
11 KB 46ms
44ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/data-loss-prevention/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X29CTYHRX24E1CAAW1W
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85960
etag: "100732a4b702cab4e7f75c001dc7bb97-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11483
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/executive-impersonation/ 0
12 KB 47ms
45ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/executive-impersonation/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X2AH0WD6T80YD1KMJGX
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85961
etag: "1e0201d8228407712beb8cac83d7b257-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:16 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 12004
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/google/ 0
9 KB 46ms
44ms Other
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/google/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X2AZQHW4ZRWB675QE1K
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85961
etag: "210096b8cb8a11a5f85dc7b0e12317fa-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:16 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9436
x-xss-protection: 1; mode=block

GET
H2 200 6si.min.js Show response
j.6sc.co/ 30 KB
10 KB 107ms
31ms Script
application/javascript 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

b71f76186117ab510aca8eb8208815da837acdd4b29e171c9897993175c28878

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 22:26:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "630402a0-786e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 9594
expires: Mon, 19 Sep 2022 13:11:56 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 68ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: Dg3xavNuu4I+v/AB2VHpMfnRLuFhy0gVKAUr00uIISVs0KAu1+BzaL92H+86Uujq2Ry9i0AmplhX85ndkdJLzw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 19 Sep 2022 13:11:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ha-analytics.js Show response
analytics.humanautomation.ai/ 61 KB
20 KB 526ms
214ms Script
application/javascript 184.73.246.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.humanautomation.ai/ha-analytics.js
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.246.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-246-234.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: d3383dd19ed9aad4099c7b406339e82c23385d4d015eba91ec048bbdb8051f25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:57 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 02:06:25 GMT
server: nginx/1.20.0
etag: "f3dd-5e80cc28faa40-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 20312

GET
H2 200 ha-analytics-form-tracking.min.js Show response
analytics.humanautomation.ai/ 10 KB
3 KB 419ms
109ms Script
application/javascript 184.73.246.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.humanautomation.ai/ha-analytics-form-tracking.min.js?v=1663593116732
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.246.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-246-234.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 376c16c0f5598f8c744c19291f060232fd0bfa3cd685e7bdbedb5bd1d5779c56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:57 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 02:06:25 GMT
server: nginx/1.20.0
etag: "2993-5e80cc28faa40-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3273

GET
H2 200 4MreV1Ai7H5ui5ARpnnT Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 239ms
172ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/4MreV1Ai7H5ui5ARpnnT

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

387a1704361cb17281be02571bdfe530bfb26ad461073b51bd94a289dafdbcbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 74d291f429aabbc5-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
via: 1.1 google

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 92ms
39ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2d4580826066e1532c01cc968fd02336e372b28773584a80c37801a22445a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 19 Sep 2022 13:11:56 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
260 B 153ms
47ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=pzpbnk3&ct=0:cg0zq4c&fmt=3
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 120ms
46ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=pzpbnk3&ct=0:g19hf38&fmt=3
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6958
date: Mon, 19 Sep 2022 11:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 19 Sep 2022 13:15:58 GMT

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/index/ 43 KB
10 KB 26ms
22ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/index/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ffedecaa5ea039ffbdc1cc9d651a4856e08a9f2bbd9e2a5dccefc7cd38e42226

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4GCFJXHMQRGR0QDX8T
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3791
etag: "60b3ad9d242a39c1f564a9c2a3287bb7-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:45 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10292
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/ 38 KB
9 KB 26ms
23ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

c196eda385cab60127300efb93c6ee115a48025ede63f48cdd7c7e2a93f27966

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4GCXP6DZ9XD8D4R2TM
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85960
etag: "7adfe3816bedb0f2c778181f307eaf39-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9523
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/blog/authors/abhishek-iyer/ 19 KB
5 KB 30ms
27ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/authors/abhishek-iyer/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

5ed7071748f7490216d3f80c420696657ddc7d882d48daac1e9bbe2721840a52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4GD8JSN8N0FAR81ET7
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 61
etag: "0af76f08c60c10c67c9aa2bbc05c0955-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 13:10:55 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5040
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/microsoft/ 40 KB
10 KB 30ms
27ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/microsoft/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

fc1e1b414a41e1039d0995863c848978cead85dd93713dedde86a5f4036f046c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4GDJG9A65G7MA5CPXA
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85961
etag: "bba2c8576f91a1360379ac962b5db331-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:16 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9819
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/ 38 KB
11 KB 28ms
25ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

7affec8282a03eb4eb47780a46e9d8c7f2f5603cfe6be321dd064d03ac60eef3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4G0CF6A0HM448Z9DDS
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85960
etag: "5411a8413360ef760775c56e4d39463f-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10842
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/industries/education-industry-email-security/ 41 KB
11 KB 36ms
33ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/education-industry-email-security/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ab4f468b462952c0b24e589333f2b18cb4ff05177c3d9353d24e8f44d519d2b3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4GGDR56NHZQAZN34K7
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85960
etag: "2102beee383b11bd12978dc7c98dc894-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11288
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/business-email-compromise/ 42 KB
12 KB 33ms
30ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/business-email-compromise/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

df26a4efbeab7bdc6099663f5762fe2b6c6fd53230064e7503104e3a9582fc37

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4GECPBH0EQMKMYWG27
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85960
etag: "19b823b1ca4a078af703281aac9ed19e-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11675
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/industries/financial-services-email-security/ 39 KB
11 KB 27ms
25ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/financial-services-email-security/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

93a805e1e77c07570d61dda3ff689dcf2a205ee1452de272d4a2d17e29c352ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4G3ZGNJ082Y481K7JA
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85961
etag: "752a4f76a8c8be6ec6bd1c268838efcc-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:16 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10903
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/email-account-compromise/ 40 KB
11 KB 31ms
29ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/email-account-compromise/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e046beb1e5af3b7941fe46f8a42016dfa89157e68b398da5bb61d49b6eb47bdc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4HM2E2B133V66E7Y94
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 3791
etag: "611164b4f3e5f6c850cc0a1295c23fa8-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 12:08:45 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11435
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/blog/ 20 KB
5 KB 26ms
24ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

162e18544f336f5335835730a3d017b65749cda68d94de3efafe10d679fa72a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4GZ6B9FDMJBSVK8P2A
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 70416
etag: "93e378674244b50145d530929bf27a92-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 17:38:21 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5449
x-xss-protection: 1; mode=block

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
304 B 25ms
24ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=e142a8da6dab42e4b73482cdb7768e4f&_biz_s=5dd3a&_biz_l=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&_biz_t=1663593116808&_biz_i=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&_biz_n=0&rnd=836525&cdn_o=a&_biz_z=1663593116809
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:56 GMT
last-modified: Wed, 14 Sep 2022 14:12:01 GMT
server: ECS (frb/6760)
age: 428395
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
203 B 47ms
23ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=e142a8da6dab42e4b73482cdb7768e4f&_biz_s=5dd3a&_biz_l=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&_biz_t=1663593116811&_biz_i=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&rnd=491721&cdn_o=a&_biz_z=1663593116811
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:56 GMT
last-modified: Thu, 15 Sep 2022 23:58:30 GMT
server: ECS (frb/67C2)
age: 306806
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/google/ 37 KB
9 KB 34ms
33ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/google/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

dc993be385b63c746e962cc42adb2ba08a67c3c5eafbd08b28014e105aa8c2d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4VT3F8YQ684G6RBMD6
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85961
etag: "210096b8cb8a11a5f85dc7b0e12317fa-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:16 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9436
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/data-loss-prevention/ 42 KB
11 KB 42ms
41ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/data-loss-prevention/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

d42b61b91e910fd6515346f7dd2f09542a3fd2cb080e14ea1a737c414abeb085

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4VHTY1CAZN8K1GP29Y
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85960
etag: "100732a4b702cab4e7f75c001dc7bb97-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11483
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/executive-impersonation/ 43 KB
12 KB 25ms
24ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/executive-impersonation/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

2506da391f7bf08d8933cbf783cca162d930429b131903dfdc1bb198a60a821e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4VAPMH2E19KQ8JK19A
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85961
etag: "1e0201d8228407712beb8cac83d7b257-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:16 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 12004
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/industries/healthcare-email-security/ 39 KB
11 KB 24ms
24ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/healthcare-email-security/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

42fc1ae55974f761daff6f271095d76b4ebdd16b9c7562960ee5bea66e8ae60c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4WRGRZZB9G26VNE221
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85961
etag: "829212c216ea1ae673a0a4135f797829-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:16 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10898
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/customers/ 43 KB
10 KB 24ms
23ms XHR
application/json 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/customers/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

d7166701ae98da2295d5e82857f3d7dc1baa451671130585ef74283729c25874

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X4VXMJGTQC1V1HNGA7S
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 85960
etag: "c6e46550fb0812a1a43fe140e46ee0b8-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 13:19:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10617
x-xss-protection: 1; mode=block

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593116818&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1814324%26time%3D1663593116818%26url%3Dhttps%253A%252F%252Fwww.armorblox.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593116818&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593116818&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&liSync=true&e_ipv6=AQI5T88PM9Ob...

0
267 B

221ms
144ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593116818&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&liSync=true&e_ipv6=AQI5T88PM9Ob0wAAAYNV4HeqVtlzFnZIAr0UAINX-s3mNhGpMg8O7QXFTPJyA2M7mBAUg2gp1CKL
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A32620333D7C4C2F9B06AE5BDC54C5E2 Ref B: DUS30EDGE0717 Ref C: 2022-09-19T13:11:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpB3TWchGdzjtdVCD+dA==
x-li-fabric: prod-lva1

Redirect headers

date: Mon, 19 Sep 2022 13:11:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D8639C6C0D69493B9B1A019BD94F326D Ref B: FRAEDGE1406 Ref C: 2022-09-19T13:11:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593116818&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&liSync=true&e_ipv6=AQI5T88PM9Ob0wAAAYNV4HeqVtlzFnZIAr0UAINX-s3mNhGpMg8O7QXFTPJyA2M7mBAUg2gp1CKL
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpB3TTSiABtEEEj0i23w==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/ 2 KB
1 KB 120ms
66ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/?random=1663593116821&cv=9&fst=1663593116821&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&auid=1878231451.1663593117&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8700764b4f3e4497c18f481fcb140c4c32aaf2b091d4a5b97bfe3620f8107e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/ 2 KB
2 KB 79ms
65ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/?random=1663593116824&cv=9&fst=1663593116824&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&auid=1878231451.1663593117&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea17b188eae034fb67096532b668918f0e2bce73276ce1d26e5b314cff41a2c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js
www.armorblox.com/ 0
729 B 27ms
23ms Other
application/javascript 2a05:d014:275:cb01:8909:43f0:2069:7b77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8909:43f0:2069:7b77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY0X5RCG5K29NG0C010J3A
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 99138
etag: "2d0811591db3318cce645b6711f1a16e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 09:39:38 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 584
x-xss-protection: 1; mode=block

GET
H3 200 212326003800453 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 97ms
73ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/212326003800453?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

809db6c849488a111554cadd2cf358db4a820e9d908208250be6d155c2aacda2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: YkC/cFPpka+FpVuCTh/SJiPl/PC0fnMRgk/Mn0HjJlFqph+UvCSwsBINtnclu8FXeGr08iF1NucTCBBkdTOTfw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 19 Sep 2022 13:11:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
520 B 456ms
456ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=e142a8da6dab42e4b73482cdb7768e4f&_biz_h=-1906410348&cdn_o=a&jsVer=4.22.08.11
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 769990a647786311162340702d2236fae7bc9430ee662c2b01b6dd6a89fef3aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
content-encoding: gzip
server: ECS (frb/6711)
etag: 040A8193
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 217

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 86ms
28ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-103936869-1&cid=777831392.1663593117&jid=1953412274&gjid=1760364542&_gid=1081358131.1663593117&_u=YGBAiEABRAAAAE~&z=1297820579

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 19 Sep 2022 13:11:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.armorblox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1675721243&t=pageview&_s=1&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&ul=en-us&de=UTF-8&dt=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABR~&jid=1953412274&gjid=1760364542&cid=777831392.1663593117&tid=UA-103936869-1&_gid=1081358131.1663593117&gtm=2wg9e05DM95KB&z=1151844276

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63272
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1675721243&t=pageview&_s=1&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&ul=en-us&de=UTF-8&dt=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABRAAAAE~&jid=&gjid=&cid=777831392.1663593117&tid=UA-103936869-1&_gid=1081358131.1663593117&gtm=2wg9e05DM95KB&z=1203713858

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63272
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
705 B 94ms
29ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Sep 2022 13:11:56 GMT
X-Proxy-Origin: 217.114.218.25; 217.114.218.25; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1f05495d-af4a-4c46-8ad2-8d9423fabc7b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.armorblox.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
204 B 30ms
29ms XHR
text/html 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-137-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:56 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.armorblox.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/a97e97de/www-widgetapi.vflset/ 161 KB
52 KB 70ms
24ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a97e97de/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8ebe7e0bd9830e60f63e57b072cee5ca24937f47519da3176809aa0b697bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53518
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 21:54:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 19 Sep 2023 12:05:58 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 23ms
21ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 13:11:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4677
Expires: Wed, 28 Dec 2022 13:11:56 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 101ms
47ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-103936869-1&cid=777831392.1663593117&jid=1953412274&_u=YGBAiEABRAAAAE~&z=273869273

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 98ms
46ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-103936869-1&cid=777831392.1663593117&jid=1953412274&_u=YGBAiEABRAAAAE~&z=273869273

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getForm Show response
app-sj27.marketo.com/index.php/form/ 3 KB
1 KB 98ms
97ms Script
application/javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-sj27.marketo.com/index.php/form/getForm?munchkinId=176-XMJ-030&form=1082&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&callback=jQuery112409386071456329499_1663593116977&_=1663593116978
Requested by: Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91e79f3fdab70c2b8877f2add551c2717d0c2e4b715c177297d2d586a1e3584a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:57 GMT
content-encoding: gzip
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d291f5385b9b1c-FRA
cached: true
content-type: application/javascript; charset=utf-8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 208ms
207ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=46057d91-98cb-42ab-8660-47bccfef8624&session=3c5526ed-8171-480d-87af-fdaeb57a467d&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A11%3A56%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&pageViewId=9040817f-09b6-48c2-84f9-f918b17d462b&an_uid=0

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:57 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 data.js Show response
tags.clickagy.com/ 38 KB
14 KB 100ms
40ms Script
application/javascript 2606:4700::6812:1ecd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by: Host: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/4MreV1Ai7H5ui5ARpnnT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b05f32b262a8ddfa4c0322b0b4b376258b7996177b98d5a1e2b4585d20cba27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:57 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
age: 51984
cf-ray: 74d291f5a9ff9b34-FRA
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 04:12:14 GMT
server: cloudflare
etag: W/"9d3ea74a65932cc93f95029e15978232"
vary: Accept-Encoding
x-amz-version-id: voLTTawX.GcVEDQiIRYzY2txm8P5Ii8i
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: bU8R-xbd6HLwDtP3ZiUr9jw7vY6WR4-h8pZhLeJ-TkXCVbiGQhWR9Q==

POST
H/1.1 200
OK visitWebPage
176-xmj-030.mktoresp.com/webevents/ 2 B
318 B 938ms
170ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://176-xmj-030.mktoresp.com/webevents/visitWebPage?_mchNc=1663593116999&_mchCn=&_mchId=176-XMJ-030&_mchTk=_mch-armorblox.com-1663593116998-38217&_mchHo=www.armorblox.com&_mchPo=&_mchRu=%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 13:11:57 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 4dfde6dd-2d2e-446a-8bdf-9261170edbd3

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 72ms
23ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=212326003800453&ev=PageView&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&rl=&if=false&ts=1663593117013&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663593117012.201712771&it=1663593116856&coo=false&rqm=GET

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 19 Sep 2022 13:11:57 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 432 B
422 B 69ms
24ms XHR
application/json 18.195.70.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.70.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-70-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c56d2e2a7cb5a74f15d01417d51fc16c7b3745f0aaf96496f819d3d04e5391b9

Request headers

Authorization: Token feeee1c1b8e5fdaa6744704973e2bdfb76df296b
Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:57 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.armorblox.com
access-control-allow-credentials: true
content-length: 235

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 102ms
23ms Preflight 18.195.70.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.70.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-70-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.armorblox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.armorblox.com
access-control-max-age: 1800
date: Mon, 19 Sep 2022 13:11:57 GMT
server: nginx

GET
H2 200 /
www.google.com/pagead/1p-user-list/726574466/ 42 B
154 B 38ms
37ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/726574466/?random=1663593116824&cv=9&fst=1663592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&async=1&fmt=3&is_vtc=1&random=138692423&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/726574466/ 42 B
154 B 33ms
33ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/726574466/?random=1663593116824&cv=9&fst=1663592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&async=1&fmt=3&is_vtc=1&random=138692423&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/726574466/ 42 B
108 B 35ms
35ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/726574466/?random=1663593116821&cv=9&fst=1663592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&async=1&fmt=3&is_vtc=1&random=3103825761&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/726574466/ 42 B
108 B 35ms
34ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/726574466/?random=1663593116821&cv=9&fst=1663592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&async=1&fmt=3&is_vtc=1&random=3103825761&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 forms2.css
app-sj27.marketo.com/js/forms2/css/ 13 KB
3 KB 35ms
34ms Stylesheet
text/css 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4511
vary: Accept-Encoding
content-length: 2623
last-modified: Tue, 16 Aug 2022 18:54:37 GMT
server: cloudflare
etag: "1000343-3437-5e66047a81540"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74d291f5e9659b1c-FRA
expires: Mon, 19 Sep 2022 17:11:57 GMT

GET
H2 200 forms2-theme-simple.css
app-sj27.marketo.com/js/forms2/css/ 826 B
331 B 40ms
40ms Stylesheet
text/css 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4244
vary: Accept-Encoding
content-length: 242
last-modified: Tue, 16 Aug 2022 18:54:37 GMT
server: cloudflare
etag: "1000341-33a-5e66047a81540"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74d291f5e9679b1c-FRA
expires: Mon, 19 Sep 2022 17:11:57 GMT

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
507 B 341ms
111ms XHR
application/json 54.162.244.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.244.84 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-244-84.compute-1.amazonaws.com
Software: Aorta/20220915.002ce0217 /
Resource Hash: 9ce57e5c30223b7ee626c24140379468fd259d95cd2a19fbbe05a2b4f2969456

Request headers

Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 19 Sep 2022 13:11:57 GMT
content-encoding: gzip
server: Aorta/20220915.002ce0217
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.armorblox.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 54deabcd2f29
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 82

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
328 B 2174ms
1910ms XHR
text/plain 44.205.92.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.92.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-92-219.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.armorblox.com
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

GET
H2

200

cm
us-u.openx.net/w/1.0/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%25...

43 B
304 B

94ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:11:57 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 19 Sep 2022 13:11:57 GMT
server: Aorta/20220915.002ce0217
location: https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 7c0737f56d84
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2

451

711861.gif
id.rlcdn.com/
Redirect Chain

https://aorta.clickagy.com/liveramp_redir
https://id.rlcdn.com/711861.gif

0
98 B

117ms
33ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711861.gif
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Mon, 19 Sep 2022 13:11:57 GMT
server: Aorta/20220915.002ce0217
location: https://id.rlcdn.com/711861.gif
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: c36ef8325435
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2 200 XDFrame Show response
app-sj27.marketo.com/index.php/form/ Frame A467 2 KB
870 B 202ms
201ms Document
text/html 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/index.php/form/XDFrame

Requested by

Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78a0c246d0f89264c120505dc030b7aeb15c8290b4025c27054b7103af03f1a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 74d291f66a3c9b1c-FRA
content-encoding: gzip
content-length: 652
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 13:11:57 GMT
server: cloudflare
strict-transport-security: max-age=63113904
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 forms2.min.js Show response
app-sj27.marketo.com/js/forms2/js/ Frame A467 208 KB
69 KB 40ms
40ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/index.php/form/XDFrame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app-sj27.marketo.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2022 04:27:51 GMT
server: cloudflare
age: 3352
etag: "25e05e2-33e56-5e731742b0ec1"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 74d291f7bc4d9b1c-FRA
expires: Mon, 19 Sep 2022 17:11:57 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 61E0 0
18 B 47ms
22ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.armorblox.com
Referer: https://www.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.armorblox.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 13:11:57 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 214ms
212ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=46057d91-98cb-42ab-8660-47bccfef8624&session=3c5526ed-8171-480d-87af-fdaeb57a467d&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A11%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A11%3A56%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&pageViewId=9040817f-09b6-48c2-84f9-f918b17d462b&an_uid=0

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:58 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 core Show response
rc-animation-feature.js.driftt.com/ Frame DF1B 2 KB
1 KB 395ms
328ms Document
text/html 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1663593300000/ikk2zzg7t3aw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

5ae33e57bc5a938d3f2fc4b51637e72e6355ae0eded11a1ddb3feff9efdb5765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 19 Sep 2022 13:11:58 GMT
etag: W/"e0ba8c4792c65912a0f27752679f2268"
last-modified: Tue, 13 Sep 2022 21:03:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id: CzbJITInI0DkHT9FEUYzmRN8PubBomgkQl6UhRd35q3JHhstVLkW3w==
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: izJFrdH2yNnWzZMQ3OGPAoytmJy4p0X4
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
rc-animation-feature.js.driftt.com/core/ Frame F651 2 KB
1 KB 202ms
136ms Document
text/html 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1663593300000/ikk2zzg7t3aw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

5ae33e57bc5a938d3f2fc4b51637e72e6355ae0eded11a1ddb3feff9efdb5765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 19 Sep 2022 13:11:58 GMT
etag: W/"e0ba8c4792c65912a0f27752679f2268"
last-modified: Tue, 13 Sep 2022 21:03:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id: SIW91akDJjVf20_LMBlnOzg6FEAxgGlvwBPqBH5tYi-CC-rJBAf8Dw==
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: izJFrdH2yNnWzZMQ3OGPAoytmJy4p0X4
x-cache: RefreshHit from cloudfront

POST
H2 204 ha-analytics.php
analytics.humanautomation.ai/ 0
140 B 158ms
157ms Ping
text/plain 184.73.246.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.humanautomation.ai/ha-analytics.php?action_name=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&idsite=317&rec=1&r=370054&h=13&m=11&s=58&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&_id=355a24535b9ec754&_idn=0&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=fsVTi5&pf_net=175&pf_srv=117&pf_tfr=22&pf_dm1=543&pf_dm2=1761
Requested by: Host: analytics.humanautomation.ai
URL: https://analytics.humanautomation.ai/ha-analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.246.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-246-234.compute-1.amazonaws.com
Software: nginx/1.20.0 / PHP/7.4.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.armorblox.com
date: Mon, 19 Sep 2022 13:11:58 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
x-powered-by: PHP/7.4.30

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1675721243&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&ul=en-us&de=UTF-8&dt=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6sense&ea=6sense%20enrich&el=6sense&_u=aGDAiEABRAAAAE~&jid=&gjid=&cid=777831392.1663593117&tid=UA-103936869-1&_gid=1081358131.1663593117&gtm=2wg9e05DM95KB&cd10=%5Bobject%20Object%5D&cd12=Germany&cd18=&cd19=&cd20=&z=727671096

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 19:37:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63274
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime~main.d8e34284.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 6 KB
3 KB 328ms
327ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

56fb318d507b410407f0dd2ca73008a6be177111b64e3980fd845870d392756b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
Origin: https://rc-animation-feature.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:12 GMT
server: nginx
etag: W/"6a378099d695e018c52e103c6bef3506"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NqbipGbj6ABaLzielWSrKtKayfSJGdA5
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fESCPjFNJcCCQgm1nzYKVkyQ_ef17zTbhD3-XzguOaQbgLJ0Kr3AeA==

GET
H2 200 8.611ead2e.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 35 KB
13 KB 330ms
329ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
Origin: https://rc-animation-feature.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:59 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QZHOHT7DjLRvue69mrq5hjzngmB1OrJd
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zS292juybyP6DHvXAJVd8cloNSv57uEl6r9R-iMo0H1LcpZGcLFwdA==

GET
H2 200 main~493df0b3.7d8b6029.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 7 KB
3 KB 155ms
154ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/main~493df0b3.7d8b6029.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

ba1b5ba457e3244bfc1b5e32428086b59e9738588b18a6620b9b437b31e48211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
Origin: https://rc-animation-feature.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:59 GMT
server: nginx
etag: W/"d67b9f21a56510a527a7f7537b00473f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1czJDXHE2WzvBUwOnEFLYJU9jQAQz6ec
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yIH0QA_qmtW8xuDwKWLSf3RgnGdHJ7dVYhmDtbJ-_gicZUaD2Nj5YA==

GET
H2 200 runtime~main.d8e34284.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 6 KB
3 KB 330ms
329ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

56fb318d507b410407f0dd2ca73008a6be177111b64e3980fd845870d392756b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://rc-animation-feature.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:12 GMT
server: nginx
etag: W/"6a378099d695e018c52e103c6bef3506"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NqbipGbj6ABaLzielWSrKtKayfSJGdA5
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Bku3HhDOiADQ5sjQQjOmVX0DKtoEo4MxBNh_Hq1eesuWTuO73cDBww==

GET
H2 200 8.611ead2e.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 35 KB
13 KB 331ms
331ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://rc-animation-feature.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:59 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QZHOHT7DjLRvue69mrq5hjzngmB1OrJd
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Do-iiN1M5qs-7MUVU4LRSK_NUdRLcoc3A1O9-kbHBRQAVkYhyMCe0A==

GET
H2 200 main~493df0b3.7d8b6029.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 7 KB
3 KB 144ms
144ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/main~493df0b3.7d8b6029.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

ba1b5ba457e3244bfc1b5e32428086b59e9738588b18a6620b9b437b31e48211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://rc-animation-feature.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:59 GMT
server: nginx
etag: W/"d67b9f21a56510a527a7f7537b00473f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1czJDXHE2WzvBUwOnEFLYJU9jQAQz6ec
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rd5C7ODrHo6C1UXJpsiWvyGV6GmdrEaALb34bk36Jmeb9Bdu8H6nHw==

GET
H2 200 48.36272856.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 47 KB
14 KB 139ms
136ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/48.36272856.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

a77bb1b8bfef4a56cbbb32a3f0db155355f7259e1505797dcce1c128be3a97a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"11fc6ce0a6034588f5e23638e2b6c3f2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ChtUqryNYu5xI3CdfAsqp2eA81vWUaqx
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KRcEjdw9eR4sVniQT1xSX-w0_zoUTntTs0EXAKabKOuFasGpcrpzGw==

GET
H2 200 22.fd21eb42.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 44 KB
13 KB 141ms
137ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zPEwGsJO2GOXFHj8FOoox_vv4ChOYfMi
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Cwpt9d5lU29Pqbk6y8Si-RV0UoDklZq_u3rWgrS5LwLqbTxsbGn53w==

GET
H2 200 18.40ab7295.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 16 KB
5 KB 148ms
143ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/18.40ab7295.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

597514d432ff2059b3e477385c44fb38d44c73f5d640eebe645cf3b340bcff56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"fafe5f62fc3aec49b7966fa154962db8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: j41UkziZUJwWbrG0CUmyzE3aF_anbP3m
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1-BccbO7jFe5wxta25amQYKkV6X7lhHR6c8GcN0fz5xKp_Wep3Ak7A==

GET
H2 200 39.0cc86423.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 25 KB
8 KB 321ms
317ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SpI.sueRnZrBRR7HPfz2cmdeWfyNSaK3
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fNqFZNNDmFSO8uTJ1q8KkTUvBFOydSmYqyn0wdy0WNrh8n4igbX_kQ==

GET
H2 200 20.8c21ea18.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 74 KB
23 KB 322ms
319ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oFrM3dzrhH1DyCTr3n.Sa2JzPNnGezf6
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E8BaNMegyDJjX91utQY0bMTPxQCTamyr3y3HmXvxV9NV0SMy8A459Q==

GET
H2 200 25.8f107198.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 59 KB
19 KB 324ms
320ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g7FL8jZBBAi3p8YuObM1ZmUZKpb7MuM4
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tjeQITiFCTtL5fv0nwB4_U8pFL-Z8JskBzJkRJ__cr7uqMFj40_p-Q==

GET
H2 200 13.3e86f1f6.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 91 KB
28 KB 338ms
334ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AxnZ8nC4Q3DuokuMRzz.UbB8aA156qN1
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Tn80JYdJuKXpAb2a--ZWQtcgIitfz8y8teP18jBb9sYIAHDjca8CYA==

GET
H2 200 11.639238ba.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 23 KB
7 KB 143ms
139ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 41Rj_7QKP59w2WnODlMWAa6QFTo_5uBY
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cmQ4aVYUn2xeoMaN-aqB9wEjbcrSNSzn9TYCeOjTbUTed_4HSAUG4w==

GET
H2 200 16.fde6fa28.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 62 KB
19 KB 322ms
319ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0xZuV14y624uLSujRriaDc3gqoEfur.i
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P9t5xzocaaO6ekpr81m4zxO_MqVDtaLh9Z7ys7J4mFyj_eCSmwiAXg==

GET
H2 200 46.c9d569f4.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 105 KB
34 KB 336ms
333ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/46.c9d569f4.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

79d8bfb0ff06d8516e46d4457bd951ed893d2deed31ab348227e06c91a5a35cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"60ea9f8ff45a51f96f67728ef12e7e79"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oUPGVpakMmoJerO2MwT3_xwAqKjkt3EO
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hxBfAKsgA3DiiQLi3jNz0s3z79_7ktP_Vski9HKHDHOh1Fs4ryVDeA==

GET
H2 200 37.9da17c94.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 12 KB
4 KB 350ms
347ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5SBsoGmcP9N86ozFwl1TdhprKX5njRD0
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: De2CxqhgpeHfFm5fua1WRzlks7P9fFjw7aFQKs5oxgJREEYQkVUAvA==

GET
H2 200 28.190877b8.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 13 KB
5 KB 351ms
348ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/28.190877b8.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EoHU2.ZmCXZqPxgkHs2ufHdi99tEdALt
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n2NU645YBdgFdDnKYe7ZUAtkrc3Gvtv1hOhov1uWsJVyItw0mc918Q==

GET
H2 200 21.b8c41db9.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 17 KB
7 KB 346ms
344ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XMKz64The0KMyOy8NmPKNtYJQSVclmxO
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LCv5bEQ48XfySPIGsFs5lFhf-AnNTCe1y0HjwAjPtBIoiVpD5mwMeg==

GET
H2 200 9.169d3073.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame F651 14 KB
3 KB 346ms
345ms Stylesheet
text/css 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/9.169d3073.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

8aafa41dda6af82cd7b77cf06c811c75134776cb26749a3732896e3a84466ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:56 GMT
server: nginx
etag: W/"b35f8e1e1998cfcf5160bc69e61be733"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PZY.oixBibrDNnD59vTC4Op0rvbjRJ63
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kS4pPWvBweWMPNf2QLo20HCJQOva4gFNuK1MWcjma49w7cn07M7Gkg==

GET
H2 200 9.4e9a6912.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 75 KB
23 KB 352ms
350ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/9.4e9a6912.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

acb2d97133599536a5bbcacd83fccb5e991fa1724cb35344f526bb8445554e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:10 GMT
server: nginx
etag: W/"1583eb6b96fc71c5f3e5fe4b18d55653"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MMkDWFVJ3r5urAC5RWnxS3iyLZdWunFL
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pgDBIRVMLG2jvn-iAWdx3-oY7ODMyWSmOSaJmjfSzflF4XzNBKCZ0A==

GET
H2 200 17.22abfce0.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame F651 24 B
666 B 351ms
349ms Stylesheet
text/css 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 24
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7M8NQbikpJSuSrkEvIs9L5H_sdNTRjFB
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: j_HX3DAhBgqVbmXVlNQfRHSVTzuatvzL-HbYaf2i-cjCRfYivByHnA==

GET
H2 200 17.476e9aab.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 79 KB
20 KB 347ms
346ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/17.476e9aab.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

110888133169b905b9985af5647fcbbbda2f6f715533fb1a0c62e88ff9390a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:08 GMT
server: nginx
etag: W/"b173e0f836b953dbfe3cc5b6f7998e32"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Makaq_gpS4VURm2Y6rXMU_s75TU7K9hM
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UGKmE1iBMQZ8JshCVRgPeg-03JQbRqVqX5c-YJ4jSIm2cRJ0nnAILg==

GET
H2 200 24.05a5d00e.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 48 KB
13 KB 352ms
351ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/24.05a5d00e.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

6fe7d12500b1182b55e280b2957d45dec850fd112a92e3a538cc7034516ae3c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:09 GMT
server: nginx
etag: W/"7c902daaa997b011f1e41f08418f4919"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: h6KX_In.TbaHrRtSbm9Wg.dZqwEU2m2T
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ojVswUi8oz-NSBMnhQXqT_c15Tql1fY_jj5Ivz-4quHIFXReK2qYPw==

GET
H2 200 15.c7403a77.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 40 KB
13 KB 353ms
352ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/15.c7403a77.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

ef06bd523c398b2ce6c4461e314932819f94a8d17a36480a3fa658429a068774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:08 GMT
server: nginx
etag: W/"9fb8c393c69ee24f7ce7d62df0e4afdb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Aji_ExLXaz80qLYFKP4W1NUTlVaiVbgs
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KBNXnP3FwJ2M800Q9q0xrw9H2_7XyD-tNpte7VAGZ_N55Eo6d12tcg==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 334ms
333ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=46057d91-98cb-42ab-8660-47bccfef8624&session=3c5526ed-8171-480d-87af-fdaeb57a467d&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A11%3A58%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A11%3A57%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&pageViewId=9040817f-09b6-48c2-84f9-f918b17d462b&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 48.36272856.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 47 KB
14 KB 143ms
139ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/48.36272856.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

a77bb1b8bfef4a56cbbb32a3f0db155355f7259e1505797dcce1c128be3a97a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"11fc6ce0a6034588f5e23638e2b6c3f2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ChtUqryNYu5xI3CdfAsqp2eA81vWUaqx
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _uD0DZxFWLEVX2Q2HizCRjOKxNOZLlEHTKkoU_hfl3tg8Oh76Faauw==

GET
H2 200 22.fd21eb42.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 44 KB
13 KB 330ms
325ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zPEwGsJO2GOXFHj8FOoox_vv4ChOYfMi
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PJPwbE-c1BKtPsCS7mTB3wSc6SWWaTBKBLVM_61lqHP-cc-bWN4RXA==

GET
H2 200 18.40ab7295.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 16 KB
5 KB 146ms
141ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/18.40ab7295.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

597514d432ff2059b3e477385c44fb38d44c73f5d640eebe645cf3b340bcff56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"fafe5f62fc3aec49b7966fa154962db8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: j41UkziZUJwWbrG0CUmyzE3aF_anbP3m
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ICbay3tG5TTLMOMGkXBn0wROrDPnJC-PSsopMbftz-Tkd9A5fKgIFg==

GET
H2 200 39.0cc86423.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 25 KB
8 KB 336ms
331ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SpI.sueRnZrBRR7HPfz2cmdeWfyNSaK3
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tk0bdD4pKugxfJN5YR4xNA_mhbRsFivk49VKj0VFC3exO8FMIWfa8g==

GET
H2 200 20.8c21ea18.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 74 KB
23 KB 336ms
331ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oFrM3dzrhH1DyCTr3n.Sa2JzPNnGezf6
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5DdBGNoo2ExN0szbCuTc2Q6TDtOoGIaxxzEWxdI6LzHMdlALM5F0rw==

GET
H2 200 25.8f107198.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 59 KB
19 KB 326ms
322ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g7FL8jZBBAi3p8YuObM1ZmUZKpb7MuM4
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pew7fHC6KOSjgYfUmdyQHcKc2jD-tHiJBJ8_ceHLHWNATyFAr1YdGw==

GET
H2 200 13.3e86f1f6.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 91 KB
28 KB 333ms
329ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AxnZ8nC4Q3DuokuMRzz.UbB8aA156qN1
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U_c_CTwMmBUVOg2izMPaviuifF5kNp0dLaMRfDjcrh5F9yMONRtRNw==

GET
H2 200 11.639238ba.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 23 KB
7 KB 332ms
328ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 41Rj_7QKP59w2WnODlMWAa6QFTo_5uBY
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TOhYSTXAMAjhsOjzaQqzbzjkj97Jo5EndHdaftWTYm1au4dy2g5plQ==

GET
H2 200 16.fde6fa28.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 62 KB
20 KB 147ms
143ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0xZuV14y624uLSujRriaDc3gqoEfur.i
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: g2NhsFn2E-UXwMUUuv8n1s6zb_sr19nyl-7Ab0iiOIiLvAVuzvJOIw==

GET
H2 200 46.c9d569f4.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 105 KB
34 KB 886ms
882ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/46.c9d569f4.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

79d8bfb0ff06d8516e46d4457bd951ed893d2deed31ab348227e06c91a5a35cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"60ea9f8ff45a51f96f67728ef12e7e79"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oUPGVpakMmoJerO2MwT3_xwAqKjkt3EO
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Lm8Ap1v2DelusFy3oWvl_6-UBQrV7CKlzHbaeNZ1pS2PmwNTixPi8w==

GET
H2 200 37.9da17c94.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 12 KB
4 KB 349ms
346ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5SBsoGmcP9N86ozFwl1TdhprKX5njRD0
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: e0RAgy_v1Wl0UlAnmbjGr1TSERibb9IkMjNu0AbmLj4Ylg180wi8Ig==

GET
H2 200 28.190877b8.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 13 KB
5 KB 335ms
331ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/28.190877b8.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EoHU2.ZmCXZqPxgkHs2ufHdi99tEdALt
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EnLpXunvz1mwNeEVYc8uVqDyD8vwLOqlB--KRuxcZ9fci40xXDQfhQ==

GET
H2 200 21.b8c41db9.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 17 KB
7 KB 152ms
149ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XMKz64The0KMyOy8NmPKNtYJQSVclmxO
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KqUyYLVOywj2NhbbSvKTifKu3W7ZDC_wXBeLgOgUszutmjpEfUQsiQ==

GET
H2 200 9.169d3073.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame DF1B 14 KB
3 KB 325ms
322ms Stylesheet
text/css 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/9.169d3073.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

8aafa41dda6af82cd7b77cf06c811c75134776cb26749a3732896e3a84466ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:56 GMT
server: nginx
etag: W/"b35f8e1e1998cfcf5160bc69e61be733"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PZY.oixBibrDNnD59vTC4Op0rvbjRJ63
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: faBXDWD3NbaSd_Kx6z4urqDlakOSFjV70X03FFex2UOrgJC2DdA-qg==

GET
H2 200 9.4e9a6912.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 75 KB
23 KB 335ms
333ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/9.4e9a6912.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

acb2d97133599536a5bbcacd83fccb5e991fa1724cb35344f526bb8445554e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:10 GMT
server: nginx
etag: W/"1583eb6b96fc71c5f3e5fe4b18d55653"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MMkDWFVJ3r5urAC5RWnxS3iyLZdWunFL
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zGwYUdU6eYs9ZALzuLXx2nW30n7Tpczr8lKXfqVcIyrWQ60mVAYCsQ==

GET
H2 200 17.22abfce0.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame DF1B 24 B
665 B 332ms
330ms Stylesheet
text/css 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 24
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7M8NQbikpJSuSrkEvIs9L5H_sdNTRjFB
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HQSZoj9gQama7sh-ymOh_ye_AZGF4qCEncbfXBNOfM77aaAeIInGFw==

GET
H2 200 17.476e9aab.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 79 KB
20 KB 895ms
893ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/17.476e9aab.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

110888133169b905b9985af5647fcbbbda2f6f715533fb1a0c62e88ff9390a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:08 GMT
server: nginx
etag: W/"b173e0f836b953dbfe3cc5b6f7998e32"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Makaq_gpS4VURm2Y6rXMU_s75TU7K9hM
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zZV92ccUOOdif9kfFPyHWJibdHWvvfP8SRwyU0pfkk0E7TuVP3vA9Q==

GET
H2 200 24.05a5d00e.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 48 KB
13 KB 333ms
332ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/24.05a5d00e.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

6fe7d12500b1182b55e280b2957d45dec850fd112a92e3a538cc7034516ae3c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:09 GMT
server: nginx
etag: W/"7c902daaa997b011f1e41f08418f4919"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: h6KX_In.TbaHrRtSbm9Wg.dZqwEU2m2T
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kMWP0t1C_qZVPVH1ISP9Zmj80R6kzDFHDJGkCVe0yv_blS-Rb2FKhw==

GET
H2 200 15.c7403a77.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 40 KB
13 KB 329ms
328ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/15.c7403a77.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

ef06bd523c398b2ce6c4461e314932819f94a8d17a36480a3fa658429a068774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:08 GMT
server: nginx
etag: W/"9fb8c393c69ee24f7ce7d62df0e4afdb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Aji_ExLXaz80qLYFKP4W1NUTlVaiVbgs
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XosXs_m4Y-JOwmCZT8bjdT55-9jCdS15DGJYMtvxpzw0gFYVbnveEw==

GET
H2 200 34.11d2b6a7.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame F651 3 KB
1 KB 141ms
141ms Stylesheet
text/css 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: N_KxzZjd_ZP7LOgqtLd8HsFjreqtn5pz
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: H0tlEwRbXlrlXMjLc6St3GQg2Eg2hdCiAy3XeND9cAHjbxYsKpboIw==

GET
H2 200 34.07340d2f.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 3 KB
2 KB 140ms
140ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/34.07340d2f.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"f732dfb3db72f996e1f4bc0225629a20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JA7QRqqET3KSoiBpnl7nMN06us6LfCgP
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b1oOjHmEHffYJA9bk6ljSJX2azW9poMWvIstLUYfqjueJt9HZjFDgQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 9 KB
3 KB 144ms
143ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:56 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: aFGQuvpb3gkE3VQYCE5vHHYhRZDJU4CG
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6rTaLgBaJgB2NkHVjh6jYcn-OWwvPyL-QT4fbOF_FajILq504TURFg==

GET
H2 200 3.07aa08a5.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame F651 7 KB
2 KB 141ms
139ms Stylesheet
text/css 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: H7cDCpm5lvDgDqsMSByhyAuCW8k6VnRi
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EkVgwugKbGr6K5tFHoSeFFXghx6drEfNYQG-Sn6yLhQKdJZMBFR54w==

GET
H2 200 3.f50b964b.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 54 KB
15 KB 143ms
142ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2XtzxpgUbtghBGF1QyGMDft6S5hwd5Ht
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KXAMSBRXB1-eK-Q6P_rUbCYWNdBQZ6NPUiUk3uh7ZzhM-Nz14aXdXg==

GET
H2 200 1.a51daee8.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame F651 43 KB
7 KB 145ms
144ms Stylesheet
text/css 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/1.a51daee8.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

79b11c988e0926dcb77087f3c39a3c72f7226421b7992fa1aecbf89634906a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: W/"2f8b87e824e4cc9983e43d6c7156ae79"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _MkOIVop3VQW_bSIss_zdcnIVv9v489V
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: J2y61WjNai1GAD6buYRyL6Hm-k7WAkpcIijinr27UR1Evhc9IBmnWg==

GET
H2 200 1.04a9dcea.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 73 KB
25 KB 148ms
147ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/1.04a9dcea.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

a19f7d373e0ca741a7e91bbb2e361a16e131ba3ad9482b0690d75bfac9463f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:07 GMT
server: nginx
etag: W/"0c3efd46a135f85a5f588cb042dbf5e5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W9JyY1N6T0SfQngqvUrKtlBS3dts0P7d
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8C_fxMBopKEgyVhqw-Fmepmgc2a2NI8IZHzENUyNfCfkQS59XL2PSg==

GET
H2 200 32.a39c83a8.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame F651 14 KB
3 KB 150ms
149ms Stylesheet
text/css 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/32.a39c83a8.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

8c83e8a58f1d0c88d1574a24d528a31d7804cdd0741235010bf4ce5ffd30b878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: W/"a5e166130ff052851935f17711177b8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OXkfWLhylAtl0YNtNVH1GNzXWw6cVRUz
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: S4iksTG0l1TOrPiNwdpPnE1kYyf1CG1e9Xk-0EgnEt8TveZNV0FVlQ==

GET
H2 200 32.a2b7c4c5.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame F651 12 KB
5 KB 145ms
145ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/32.a2b7c4c5.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

08180fe4782eb8a2703e219199e24d517b5a53544a9927aa56d65abe51d7b131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593115816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:11:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Sep 2022 18:12:24 GMT
server: nginx
etag: W/"0556ad2949a758efdcc1debd3a59f9cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Oi8_qmktBlzygQE2aZshuaFltw01i0ao
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tvjwv56IipQ0EGR14W6PVXPE8FdUIJ3ScomiB8j7tJ6yNNrG1doMNA==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 321ms
321ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=46057d91-98cb-42ab-8660-47bccfef8624&session=3c5526ed-8171-480d-87af-fdaeb57a467d&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A11%3A59%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A11%3A58%20GMT%22%2C%22timeSpent%22%3A%221008%22%2C%22totalTimeSpent%22%3A%223011%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&pageViewId=9040817f-09b6-48c2-84f9-f918b17d462b&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:00 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 0.0b2ebd4a.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 9 KB
3 KB 164ms
162ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:00 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:56 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: aFGQuvpb3gkE3VQYCE5vHHYhRZDJU4CG
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sQcAq7VWWh5MXiIyucK-9q2vzh1n5S2j2P8BcO6Fyb82cpo9UOCS2A==

GET
H2 200 26.2d4cdbd1.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 34 KB
10 KB 1498ms
1497ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/26.2d4cdbd1.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

71e905aff9bad1d3b5a783336fcdd013cc97beb8985e4cd2cf7d195925a48211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:01 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"c55d27c90bd5affbf7c7047151ac3b6a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: n5Y2H81f.oczzI0wU78KJf2ydGwTm9Lp
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SnJ3YycjOjsv_EIHDgOC8-_x8GAioUgsNZ3DUYbSDWf1cJ5UAs7pRg==

GET
H2 200 27.9bf46b67.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame DF1B 8 KB
2 KB 141ms
140ms Stylesheet
text/css 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/27.9bf46b67.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:00 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5vdq0qaAsz.MotsXluqUHx8rSd7Ae6Fe
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IPl38jZwZWqwFMIdqGJm9iFFNB52cZMuO5tO4tdrYDnDp-cRRRRI-w==

GET
H2 200 27.da34d730.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 15 KB
6 KB 167ms
166ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/27.da34d730.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

1cc6a48f644462f4735b7a259785e44eea1a53b6a429c74693ef475535c10d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:00 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:09 GMT
server: nginx
etag: W/"46985c2ac15d55e93878f9a279658a9b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: T_8zB8fkNHNpuiFbLa3o6egd.3lD3VlK
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s_d8CX9NIxAUZTnA2ljTNyyi7X5cmZxte0mU6RQhj__GPl4YCt6t2g==

GET
H2 200 19.c695453b.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame DF1B 365 B
1005 B 146ms
145ms Stylesheet
text/css 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:00 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 365
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f80UXl8VQ_8VGE7.OAJv7cWacri13EiZ
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YL951ua9fpGQoCS_prGDiKZlckyunvMSmaG7ykPrrixumTkK009G8A==

GET
H2 200 19.9fb02756.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame DF1B 88 KB
25 KB 148ms
147ms Script
application/javascript 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/19.9fb02756.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-21.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

8c046caaaa9685e9a752b2c7d26b145598a30bb98c86bd6936ae0860b7eaa9c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=f6265dd1-0b74-4230-b033-888a07e4f0f8&sessionStarted=1663593118.103&campaignRefreshToken=3af649be-e1d4-433e-9d24-820f92d97060&hideController=false&pageLoadStartTime=1663593115816&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:00 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:08 GMT
server: nginx
etag: W/"fdebd50a6fda76541dafbd23c5989673"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: P3R0.eclLQSH4ker.fvNiwdEQ1YR6gWU
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qQoMfuSPQYQqiinE3YsCKlqRbtHwCBJ54VJgFC6uGnMiPM2SqrqICw==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 343ms
342ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=46057d91-98cb-42ab-8660-47bccfef8624&session=3c5526ed-8171-480d-87af-fdaeb57a467d&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A11%3A59%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%224011%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&pageViewId=9040817f-09b6-48c2-84f9-f918b17d462b&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:01 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame DF1B 25 B
123 B 126ms
125ms XHR
application/json 34.193.113.164

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/48.36272856.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-animation-feature.js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 13:12:02 GMT
server: istio-envoy
requestid: 517ab6d261fb47c9
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 459ms
112ms Preflight
text/plain 34.193.113.164

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://rc-animation-feature.js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 19 Sep 2022 13:12:02 GMT
requestid: drift45822ec44598649defc9eba759e
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame DF1B 147 B
245 B 129ms
128ms XHR
application/json 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/48.36272856.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

fecc6547c58a32e5cb5cb4f7c675420c1bfaf7a1058e1da5736084578fda80b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-animation-feature.js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 13:12:02 GMT
server: istio-envoy
requestid: e531d6a1dc2e53c1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 440ms
111ms Preflight
text/plain 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rc-animation-feature.js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 19 Sep 2022 13:12:02 GMT
requestid: drift2790d734471a0ca5ffb0664ed59
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 336ms
335ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=46057d91-98cb-42ab-8660-47bccfef8624&session=3c5526ed-8171-480d-87af-fdaeb57a467d&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A01%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A00%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225012%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&pageViewId=9040817f-09b6-48c2-84f9-f918b17d462b&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:02 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.armorblox.com/	1970-01-20 08:16:09	Name: _gcl_au Value: 1.1.1878231451.1663593117
.armorblox.com/	1970-01-20 14:52:09	Name: _biz_uid Value: e142a8da6dab42e4b73482cdb7768e4f
.armorblox.com/	1970-01-20 06:06:34	Name: _biz_sid Value: 5dd3a
.armorblox.com/	1970-01-20 14:52:09	Name: _biz_nA Value: 1
.bizible.com/	1970-01-20 14:52:09	Name: _BUID Value: e142a8da6dab42e4b73482cdb7768e4f
.armorblox.com/	1970-01-20 14:52:09	Name: _biz_pendingA Value: %5B%5D
.armorblox.com/	1970-01-20 15:42:33	Name: _ga Value: GA1.2.777831392.1663593117
.armorblox.com/	1970-01-20 06:07:59	Name: _gid Value: GA1.2.1081358131.1663593117
.armorblox.com/	1970-01-20 06:06:33	Name: _dc_gtm_UA-103936869-1 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: GVGfJN1c7-k
.youtube.com/	1970-01-20 10:25:45	Name: VISITOR_INFO1_LIVE Value: dHyOgztLIjw
.bizibly.com/	1970-01-20 14:52:09	Name: _BUID Value: 3b2b1fa0ad186375995e25a2e6135c77
.app-sj27.marketo.com/	1970-01-20 06:06:34	Name: __cf_bm Value: ljzUipQeeJd6Qxe26FCC3gFCnExNz7GoBI3uUDfXhag-1663593116-0-AdLiUDsl9i5HDGZ9/UfNUWugx4/2jOL9qlYcz3mbAsT3HozB3+toNXeimptVuVVyC7GSpR4P0SfDNGL0ajzSpbY=
.ws.zoominfo.com/	1970-01-20 14:52:09	Name: visitorId Value: 3205d8665bde1bbf5ad56023e154620f7a12e1cd89ac194cbd75b6cff1e9fb38
.zoominfo.com/	1970-01-20 06:06:34	Name: __cf_bm Value: RaXjOV09VWtyuMcOkgOTAQNs8ck9tFIoCyIspw9anKE-1663593116-0-Ad+XvbXugIridx4nELTY2JhiB/z2Airs2c0PLqm+6sgz02CkMrppPoA7pbFAetA3iY6DwSwTgCRaaUd9kjUvmOk=
www.armorblox.com/	1970-01-20 06:16:37	Name: _an_uid Value: 0
www.armorblox.com/	1970-01-20 15:42:33	Name: _gd_visitor Value: 46057d91-98cb-42ab-8660-47bccfef8624
www.armorblox.com/	1970-01-20 06:06:47	Name: _gd_session Value: 3c5526ed-8171-480d-87af-fdaeb57a467d
.armorblox.com/	1970-01-20 15:42:33	Name: _mkto_trk Value: id:176-XMJ-030&token:_mch-armorblox.com-1663593116998-38217
.armorblox.com/	1970-01-20 08:16:09	Name: _fbp Value: fb.1.1663593117012.201712771
.doubleclick.net/	1970-01-20 06:06:34	Name: test_cookie Value: CheckForPermission
.bidr.io/	1970-01-20 15:35:06	Name: bito Value: AAP7RU7GUNUAAA-IdKXfHQ
.bidr.io/	1970-01-20 15:35:06	Name: bitoIsSecure Value: ok
.6sc.co/	1970-01-20 15:42:33	Name: 6suuid Value: cfd5ce17b88200009d6a2863bb000000c1bb3600
.armorblox.com/	1970-01-20 14:52:09	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.linkedin.com/	1970-01-20 06:49:45	Name: UserMatchHistory Value: AQIshBgrIxmQqwAAAYNV4HaAl2YmnfIonbj9bnotJGOU1FGXfP7GkeG-o6C7K1r7Uv83wancL9yyAw
.linkedin.com/	1970-01-20 06:49:45	Name: AnalyticsSyncHistory Value: AQInzYP6cZnurAAAAYNV4HaAEPI5o2E0ziX-0lZ3p0dcgaPUqSJIMJlEDomOWv09Nta1yQ_Rke_SQYZyIapDYA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:52:09	Name: bcookie Value: "v=2&12e47780-6f04-41cd-8a20-5529b83ea930"
.linkedin.com/	1970-01-20 06:07:59	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2449:u=1:x=1:i=1663593117:t=1663679517:v=2:sig=AQF4RoFbWtNdx4MBc63gZQTL_9oCYJXB"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:52:09	Name: bscookie Value: "v=1&20220919131157f61bd7ed-5727-453b-859a-5a447b7e32ddAQGjJ1f8o_C-NSdcTgrnyoCEd-wZGxeU"
.linkedin.com/	1970-01-20 10:25:45	Name: li_gc Value: MTswOzE2NjM1OTMxMTc7MjswMjEAbVg6sqiLOc7O2sGv9z6N6jBloJnhj9mo4N119yW1sQ==
www.armorblox.com/	1970-01-20 06:06:34	Name: drift_campaign_refresh Value: 3af649be-e1d4-433e-9d24-820f92d97060
www.armorblox.com/	1970-01-20 15:32:28	Name: _pk_id.317.04e9 Value: 355a24535b9ec754.1663593118.
www.armorblox.com/	1970-01-20 06:06:34	Name: _pk_ses.317.04e9 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.cookielaw.org/consent/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/711861.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

176-xmj-030.mktoresp.com
analytics.humanautomation.ai
aorta.clickagy.com
api.storyblok.com
app-sj27.marketo.com
assets.armorblox.com
b.6sc.co
bootstrap.api.drift.com
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
connect.facebook.net
epsilon.6sense.com
googleads.g.doubleclick.net
hemsync.clickagy.com
id.rlcdn.com
insight.adsrvr.org
j.6sc.co
js.driftt.com
metadata-static-files.sfo2.cdn.digitaloceanspaces.com
metrics.api.drift.com
munchkin.marketo.net
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
rc-animation-feature.js.driftt.com
secure.adnxs.com
segment.prod.bidr.io
snap.licdn.com
stats.g.doubleclick.net
tags.clickagy.com
us-u.openx.net
use.typekit.net
ws.zoominfo.com
www.armorblox.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.youtube.com
104.16.93.80
13.107.42.14
142.250.186.162
143.204.89.99
152.195.15.58
18.195.70.228
18.66.112.118
184.73.246.234
185.89.211.116
192.28.147.68
205.185.216.10
23.205.237.4
2600:9000:2057:8a00:f:71f1:7280:93a1
2606:4700::6810:650c
2606:4700::6810:9440
2606:4700::6812:1ecd
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:803::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c0c::9d
2a02:26f0:11a::6867:4841
2a02:26f0:11a::6867:4868
2a02:26f0:3500:16::215:1495
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d014:275:cb01:8909:43f0:2069:7b77
34.193.113.164
35.244.159.8
35.244.174.68
35.71.131.137
44.205.92.219
50.16.7.188
52.51.145.228
54.162.244.84
96.16.137.162
99.86.4.21
03f8a6e311621073ef87440db078abf904e8b830e51fa2a39188ce5915531e68
04f9098825e7c5644552ed96fd1e01bba9bd0c074784d085108ffcc889c06f56
08180fe4782eb8a2703e219199e24d517b5a53544a9927aa56d65abe51d7b131
08f2c07d0512cf4fded20fafb75e78d1ec3f9f40b739c1c04a72f18566c762a1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
110888133169b905b9985af5647fcbbbda2f6f715533fb1a0c62e88ff9390a46
1246259c5cf8f47c60b8c93a1610f9fc1a19c0bf89a6efccce7792d6993066d1
132e0a9dd6275c5353db596f5fec132a5120ff9ad39ab3d27eb4e7ad2b7f9a26
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
15d69b5673cf488a9115372ebf1c3c3410cc5f9aaf58b283ec5c450aa9eb3d0f
162e18544f336f5335835730a3d017b65749cda68d94de3efafe10d679fa72a7
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cc6a48f644462f4735b7a259785e44eea1a53b6a429c74693ef475535c10d7b
1d974f1e1e970e41c63cb0e33398d884db88acac2ba98ec8b9a8df204fd310fc
230cef17f8b019c9e5987e1966b3e131c21fa794a0d76b3a4a712fa849dbee58
2506da391f7bf08d8933cbf783cca162d930429b131903dfdc1bb198a60a821e
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
260c3eb2159e04ce0d647d9beb0e3f2758a82136ea5806d32ea3c50d1b2d8d3a
273b9dc19af04ac2dd618b4b6ae690c2bf7bde4715d13a48126a75b68eebaeb3
276ce26603da0a4bf9d16f692e149734aa6a26eb4e56885938cd8c5582c6d423
2bc74d8ac684c2c07dc2c4c8d3df18d6f350631954a49fb342eac5aa13dda267
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
376c16c0f5598f8c744c19291f060232fd0bfa3cd685e7bdbedb5bd1d5779c56
387a1704361cb17281be02571bdfe530bfb26ad461073b51bd94a289dafdbcbb
3a808a0d38265362afe28171f6ea9eafcd29fe350d2fe54418ca4b9f593707d0
3cb45867ace25baa1d6bcd56d05739fa8733cbadd9959fb33c2c038037a8742d
4120c62c25cd2f9d7f5155aaf84f772c08e18dd1be19e39ed0d866d3916bedce
4220b911e738c2f8bba237c1e36999914165cd1fa8a1dea1240a87fc461f5f65
42a8f795eb7183f35ebfa83536ce0c6bac400c532157b6cd0551ab3952ade5b9
42fc1ae55974f761daff6f271095d76b4ebdd16b9c7562960ee5bea66e8ae60c
46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7
47d0606aac29b8e5df0845350e3fec479cc51387efb7fef9b3c7bb181b8c7a1c
4dbd2d6a9d8933cdd26df1809257010c691bdedc772dd8287e26cdd8963ccbca
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5571f1943dcc57dfed00e9e8c9bcd1588d1b9eccceb9c9472219167cdad0e933
5609cd1f7eecd11ee97aac287f6d44f91cb1c19f16d6fa11fd82acab3eb9cb75
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56fb318d507b410407f0dd2ca73008a6be177111b64e3980fd845870d392756b
5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a
597514d432ff2059b3e477385c44fb38d44c73f5d640eebe645cf3b340bcff56
5ae33e57bc5a938d3f2fc4b51637e72e6355ae0eded11a1ddb3feff9efdb5765
5b6f9abbe03119dc36e88acddcb8e50d8522352723c5fd5f1e6c0c3426b4ff5e
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e206d921645cdd77ae1c4fb411bf3d04032d350cddadeb6888dd566ae1d5095
5ed7071748f7490216d3f80c420696657ddc7d882d48daac1e9bbe2721840a52
672eff660abe4418afe333b3314d7145f844762d61b7b2b340f99c71775d7dfd
6a8f5d3db22e41774d495f5590e386c65e45ee9d6e3019ade87e5a5f9eadf5b0
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
6fa43750cb547f586079eeae5798a3a92b84459973c3afa6dc6c5117ade20e43
6fb157dac2d6ccd2be331cc55e25534ae33cca5e7078fbc89576450e954a156d
6fe7d12500b1182b55e280b2957d45dec850fd112a92e3a538cc7034516ae3c6
7001ada63b35c370c5c207ef8c85d0ae5bd79c826599f1d2bc36de67a6531ea9
71b0089d7c527e6a7531b790e4506f3b2705f5cbb8b3f95a5ceef1fa55cf9338
71e905aff9bad1d3b5a783336fcdd013cc97beb8985e4cd2cf7d195925a48211
769990a647786311162340702d2236fae7bc9430ee662c2b01b6dd6a89fef3aa
78a0c246d0f89264c120505dc030b7aeb15c8290b4025c27054b7103af03f1a3
78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d
78df6e891c6153241987a2beb3ae39271274a094c36de4922cdc69a23b4811b2
792506c76d7f282c24ae785c306e1027e4238d09ffdd2c33df7a6cbb5fe4e43b
79b11c988e0926dcb77087f3c39a3c72f7226421b7992fa1aecbf89634906a48
79d8bfb0ff06d8516e46d4457bd951ed893d2deed31ab348227e06c91a5a35cf
7affec8282a03eb4eb47780a46e9d8c7f2f5603cfe6be321dd064d03ac60eef3
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
809db6c849488a111554cadd2cf358db4a820e9d908208250be6d155c2aacda2
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85309942cee52cab47e92148f4c21f15984a1e08a6ed7cbb63e275cabd3dc075
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
89bedf9a0b818f5271c43462a30b5574c4dc36f2c79838902d03f005be824c0d
8aafa41dda6af82cd7b77cf06c811c75134776cb26749a3732896e3a84466ef9
8b29ef7adac993a0cb8042dcb6705fe6e6b13ae8d3c4bf2f6579aa6ae90ae534
8bcc8bb2f2e6001f7731f1b972e939012587a465345af843c6ab9a9c461aeb8b
8c046caaaa9685e9a752b2c7d26b145598a30bb98c86bd6936ae0860b7eaa9c8
8c83e8a58f1d0c88d1574a24d528a31d7804cdd0741235010bf4ce5ffd30b878
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eba5a7ceaec1b523c20b1a82dc4226ebbe7931530fed009e97b9df5d9e6367c
8eefeea093168e2e7c715358344b72d9aaf8815d2deb320dcaa934e4d51eb147
8f27cedaf17cda78d6e31b33e5bf69837621e7f41d1aaaf2305ab154cc33064e
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
91e79f3fdab70c2b8877f2add551c2717d0c2e4b715c177297d2d586a1e3584a
93a805e1e77c07570d61dda3ff689dcf2a205ee1452de272d4a2d17e29c352ce
9a955a830fe4c3916de9ff562a0b8b315e40a862dadd9e456b3266ebb1131497
9ab17804e34a235e778a2fcad45aac8737900071ecc51aeb9b944942faddb8a7
9b05f32b262a8ddfa4c0322b0b4b376258b7996177b98d5a1e2b4585d20cba27
9ce57e5c30223b7ee626c24140379468fd259d95cd2a19fbbe05a2b4f2969456
9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19f7d373e0ca741a7e91bbb2e361a16e131ba3ad9482b0690d75bfac9463f7a
a40b9fa9a7440c38759c2c8402474e113d3956bb08b77159a4791864d5fb3345
a58dbc67f90f6006af9638b454c3cc2d65cc7125947095587ea7c4b372b11aeb
a77bb1b8bfef4a56cbbb32a3f0db155355f7259e1505797dcce1c128be3a97a1
a88cd5d2766532b8d722540581011ad2fe22441f7ec0db584d86dea3787f2fa9
ab4f468b462952c0b24e589333f2b18cb4ff05177c3d9353d24e8f44d519d2b3
acb2d97133599536a5bbcacd83fccb5e991fa1724cb35344f526bb8445554e9c
ae67e45cd6461f3b5066ec7092c7b75d782741091fe7d7a852f09090a41bb470
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b3d5b4be6e7a2889c7f7b173472375ce3b2da6033948af5a4484bb7530f06552
b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b71f76186117ab510aca8eb8208815da837acdd4b29e171c9897993175c28878
b726950d58a01f4ff987fc29a610f871b1055f749185e626a4b1916f968f1bb5
b75d669453c5377eebafda19b9ae0b4583853a06a5ba817fad8174adacf7fe69
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b8700764b4f3e4497c18f481fcb140c4c32aaf2b091d4a5b97bfe3620f8107e4
ba1b5ba457e3244bfc1b5e32428086b59e9738588b18a6620b9b437b31e48211
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bc1365163acf680a1f6034ea4ffb60b748a7a71ebee3d911989771b4962486d3
c103627751ca38778b802e130cfa523aa0fb47552fada36f9cafca65dc8bf7e8
c196eda385cab60127300efb93c6ee115a48025ede63f48cdd7c7e2a93f27966
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c56d2e2a7cb5a74f15d01417d51fc16c7b3745f0aaf96496f819d3d04e5391b9
cb17ab922f4d5724f0a90ff0115610a966674e21428fa20b089f496a21cdf71d
cb8ebe7e0bd9830e60f63e57b072cee5ca24937f47519da3176809aa0b697bb3
d0b8a9530fe420d782e19330e0f0efa1063be86f3ddb516908afcd3ae653ac5f
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d3383dd19ed9aad4099c7b406339e82c23385d4d015eba91ec048bbdb8051f25
d3629679a7b8c5d0d6af84a5aca6ef0e8fb7f966b39c6a64cd584dbeef2ca5ce
d42b61b91e910fd6515346f7dd2f09542a3fd2cb080e14ea1a737c414abeb085
d7166701ae98da2295d5e82857f3d7dc1baa451671130585ef74283729c25874
d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2
da5d487f1fe8c4f5bba93bab0b071aed1249cf770ffdbc0144a86a4c2bae3c2c
daa698c8bbff0f8896f590e544f06c470d03af0dc6d7ecdec4b98e5f6580df5f
dba17f1b29b3b3637d709f951023ea1655b08c6b4f40fd612c5e927ba72829fa
dc993be385b63c746e962cc42adb2ba08a67c3c5eafbd08b28014e105aa8c2d2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
df26a4efbeab7bdc6099663f5762fe2b6c6fd53230064e7503104e3a9582fc37
e046beb1e5af3b7941fe46f8a42016dfa89157e68b398da5bb61d49b6eb47bdc
e079894f0fbf15f3eaa5d999e208a2604f5ea85e7e3790013b1e990e01dcf0dd
e2d4580826066e1532c01cc968fd02336e372b28773584a80c37801a22445a06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e416bac21f51ef7a9aa172a4c2f761846cb36fe6ae55b6439a6db80b3ff548ad
e4a3280211b5fd200c4d4d043763886820517771353f9fef82a88c52ab5855a7
e5035c8d058e1c25449d6d4852b063de6329a8b4a73dc84f94fbb405f8967d35
e833fbc02878a06d85aa9e8378e939c676f085fbe2d7d385c85450538bfcbc92
ea17b188eae034fb67096532b668918f0e2bce73276ce1d26e5b314cff41a2c4
eaf1df68503e4437806bb51d28eefe54beeebdf13684a25f2d6a9a86ee96dc32
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
edc6475a76eaa61e6c169cfb7bc233e617fb7322904a194355fcbd7e34e61f41
ef06bd523c398b2ce6c4461e314932819f94a8d17a36480a3fa658429a068774
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1890ff50be4ff79cf7cb28fed7df1839a7d430a9c31094810ec4ea8e5b2fffe
f1d2fc79d147c71aa167b407a47319b8c856948b3200705890a96b312ddf1664
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fb54ec2c7611cd695804c36982789e9595d5bd6bdfee1571e7918485eb82c4f2
fc1e1b414a41e1039d0995863c848978cead85dd93713dedde86a5f4036f046c
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fecc6547c58a32e5cb5cb4f7c675420c1bfaf7a1058e1da5736084578fda80b2
ffedecaa5ea039ffbdc1cc9d651a4856e08a9f2bbd9e2a5dccefc7cd38e42226

www.armorblox.com Open in urlscan Pro 2a05:d014:275:cb01:8909:43f0:2069:7b77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

217 Requests

98 %HTTPS

45 %IPv6

33 Domains

44 Subdomains

40 IPs

6 Countries

7256 kBTransfer

16438 kBSize

36 Cookies

7 Outgoing links

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.armorblox.com Open in urlscan Pro
2a05:d014:275:cb01:8909:43f0:2069:7b77 Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

98 %
HTTPS

45 %
IPv6

33
Domains

44
Subdomains

40
IPs

6
Countries

7256 kB
Transfer

16438 kB
Size

36
Cookies

217 HTTP transactions
3 data transactions