www.menlosecurity.com Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pages.menlosecurity.com/MjgxLU9XVi04OTkAAAGDfHrCDhKs6HAWS7tB8Kq7n6FEPGw4sH45BaOmghe9e_64AiuvJUqlPxvxB5x95YUOIkAgr8o=
Effective URL:
https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium...
Submission: On March 31 via manual (March 31st 2022, 5:34:00 am UTC) from IN — Scanned from DE

Summary HTTP 170 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 24 domains to perform 170 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.menlosecurity.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 29th 2021. Valid for: a year.

This is the only time www.menlosecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dcc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	13.225.80.24 13.225.80.24	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:1400:13:a3bc:6800:93a1	16509 (AMAZON-02) (AMAZON-02)
64	13.224.195.69 13.224.195.69	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:c400:9:14eb:6280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:15c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
8	13.224.195.40 13.224.195.40	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.224.195.94 13.224.195.94	16509 (AMAZON-02) (AMAZON-02)
8	96.16.137.162 96.16.137.162	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.195.37 13.224.195.37	16509 (AMAZON-02) (AMAZON-02)
1	52.17.146.14 52.17.146.14	16509 (AMAZON-02) (AMAZON-02)
1	13.225.80.110 13.225.80.110	16509 (AMAZON-02) (AMAZON-02)
2	18.185.122.172 18.185.122.172	16509 (AMAZON-02) (AMAZON-02)
6	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.195.117 13.224.195.117	16509 (AMAZON-02) (AMAZON-02)
170	30

7 104.17.73.206 (None, )

ASN13335 (CLOUDFLARENET, US)

pages.menlosecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
info.menlosecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.menlosecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dcc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-24.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:1400:13:a3bc:6800:93a1 (United States)

ASN16509 (AMAZON-02, US)

hubfront.hushly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 13.224.195.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-69.fra2.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:c400:9:14eb:6280:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2i34c80a0ftze.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15c (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.87 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.224.195.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-40.fra2.r.cloudfront.net

st.fullcircleinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-94.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 96.16.137.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-137-162.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-37.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.146.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-146-14.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-110.fra2.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.122.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-122-172.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-117.fra2.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 5606	752 KB
46	menlosecurity.com pages.menlosecurity.com www.menlosecurity.com info.menlosecurity.com	1 MB
8	6sc.co j.6sc.co — Cisco Umbrella Rank: 7945 c.6sc.co — Cisco Umbrella Rank: 11644 b.6sc.co — Cisco Umbrella Rank: 5608	14 KB
8	fullcircleinsights.com st.fullcircleinsights.com — Cisco Umbrella Rank: 95980	9 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 487	113 KB
6	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 6164 bootstrap.api.drift.com — Cisco Umbrella Rank: 6466	455 B
5	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 436 ib.adnxs.com — Cisco Umbrella Rank: 245	5 KB
5	gstatic.com fonts.gstatic.com	116 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 385 www.linkedin.com — Cisco Umbrella Rank: 595 px4.ads.linkedin.com — Cisco Umbrella Rank: 4868	4 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 624 script.hotjar.com — Cisco Umbrella Rank: 958 vars.hotjar.com — Cisco Umbrella Rank: 1008 in.hotjar.com — Cisco Umbrella Rank: 1743	66 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	3 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 14271	410 B
1	driftcdn.com embeds.driftcdn.com — Cisco Umbrella Rank: 6566	5 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2303	256 B
1	t.co t.co — Cisco Umbrella Rank: 463	338 B
1	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 13765	1 KB
1	cloudfront.net d2i34c80a0ftze.cloudfront.net	11 KB
1	hushly.com hubfront.hushly.com — Cisco Umbrella Rank: 281861	58 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 622	6 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 938	3 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 788	457 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	72 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 229	7 KB
1	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 8866	32 KB
170	24

	Domain	Requested by
64	js.driftt.com	pages.menlosecurity.com js.driftt.com
39	www.menlosecurity.com	pages.menlosecurity.com www.menlosecurity.com
8	st.fullcircleinsights.com	d2i34c80a0ftze.cloudfront.net
7	cdn.cookielaw.org	www.menlosecurity.com cdn.cookielaw.org
6	b.6sc.co	www.menlosecurity.com
6	info.menlosecurity.com	www.menlosecurity.com info.menlosecurity.com cdn.cookielaw.org
5	fonts.gstatic.com	fonts.googleapis.com
4	metrics.api.drift.com	js.driftt.com
4	fonts.googleapis.com	www.menlosecurity.com info.menlosecurity.com
3	secure.adnxs.com	1 redirects www.menlosecurity.com j.6sc.co
2	bootstrap.api.drift.com	js.driftt.com
2	epsilon.6sense.com	j.6sc.co
2	px.ads.linkedin.com	2 redirects
2	ib.adnxs.com	1 redirects www.menlosecurity.com
1	embeds.driftcdn.com	js.driftt.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	c.6sc.co	j.6sc.co
1	vars.hotjar.com	static.hotjar.com
1	j.6sc.co	pages.menlosecurity.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.menlosecurity.com
1	www.linkedin.com	1 redirects
1	t.co	www.menlosecurity.com
1	trk.techtarget.com	pages.menlosecurity.com
1	d2i34c80a0ftze.cloudfront.net	www.googletagmanager.com
1	hubfront.hushly.com	pages.menlosecurity.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.googletagmanager.com	www.menlosecurity.com
1	cdnjs.cloudflare.com	www.menlosecurity.com
1	cdn.bizible.com	www.menlosecurity.com
1	pages.menlosecurity.com
170	35

This site contains links to these domains. Also see Links.

Domain
info.menlosecurity.com
resources.menlosecurity.com
menlosecurity.brighttalk.live
csportal.menlosecurity.com
www.linkedin.com
twitter.com
www.facebook.com
www.hrdive.com
www.flexjobs.com
blog.knowbe4.com
www.ftc.gov
try.menlosecurity.com
www.youtube.com
onetrust.com

Subject Issuer	Validity	Valid
pages.menlosecurity.com Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
www.menlosecurity.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-29` - `2022-07-30`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-30` - `2022-07-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
info.menlosecurity.com Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.hushly.com Amazon	`2021-12-19` - `2023-01-16`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
aws-st.fullcircleinsights.com Amazon	`2021-06-28` - `2022-07-27`	a year	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.6sense.com Amazon	`2021-06-30` - `2022-07-29`	a year	crt.sh
*.driftcdn.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
Frame ID: E05E378390D759AA48E51FAF926FA186
Requests: 93 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 108754A15FB02FAB9F9B61C569A446C4
Requests: 1 HTTP requests in this frame

Frame: https://info.menlosecurity.com/index.php/form/XDFrame
Frame ID: 5CAE406E40B0CFAE31AA2D2C03ABC986
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
Frame ID: 0F0A96AF9F740AC8FC10AA9ACA2F4E1F
Requests: 34 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
Frame ID: 12EDA2FB62D208A2CF7456D0348C512D
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HEAT Attacks: Evading Malicious URL-Link Analysis | MenloBack ButtonFilter Button

Page URL History Show full URLs

https://pages.menlosecurity.com/MjgxLU9XVi04OTkAAAGDfHrCDhKs6HAWS7tB8Kq7n6FEPGw4sH45BaOmghe9e_64AiuvJUqlPxvx... Page URL
https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentN... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

170
Requests

98 %
HTTPS

37 %
IPv6

24
Domains

35
Subdomains

30
IPs

5
Countries

2611 kB
Transfer

6320 kB
Size

32
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://info.menlosecurity.com/The-rise-of-Highly-Evasive-Adaptive-Threats-HEAT.html
Title: Learn more

Search URL Search Domain Scan URL

URL: https://info.menlosecurity.com/the-ultimate-swg-buyers-cloud-secure-web-gateway.html
Title: The Ultimate Buyer's Guide: Secure Web Gateway

Search URL Search Domain Scan URL

URL: https://resources.menlosecurity.com/data-sheet/cloud-security-platform-powered-by-an-isolation-core
Title: Cloud Security Platform powered by and Isolation Core™

Search URL Search Domain Scan URL

URL: https://resources.menlosecurity.com/solution-brief/put-the-security-into-sase
Title: Need to implement SASE, ASAP?

Search URL Search Domain Scan URL

URL: https://resources.menlosecurity.com/solution-brief/migrate-from-network-security-appliances-to-a-cloud-based-secure-web-gateway-swg
Title: Learn how to migrate on-premise proxy to SWG

Search URL Search Domain Scan URL

URL: https://menlosecurity.brighttalk.live/?utm_campaign=SWG-microsite&utm_medium=TextLink&utm_source=MenloSecurity
Title: Defining your journey to SASE.

Search URL Search Domain Scan URL

URL: https://resources.menlosecurity.com/all-content
Title: All Resources

Search URL Search Domain Scan URL

URL: https://resources.menlosecurity.com/white-paper
Title: White Papers

Search URL Search Domain Scan URL

URL: https://resources.menlosecurity.com/data-sheet
Title: Data Sheets

Search URL Search Domain Scan URL

URL: https://resources.menlosecurity.com/solution-brief
Title: Solution Briefs

Search URL Search Domain Scan URL

URL: https://resources.menlosecurity.com/case-study
Title: Case Studies / Customer Stories

Search URL Search Domain Scan URL

URL: https://resources.menlosecurity.com/ebook
Title: eBooks

Search URL Search Domain Scan URL

URL: https://resources.menlosecurity.com/reports
Title: Reports

Search URL Search Domain Scan URL

URL: https://resources.menlosecurity.com/video
Title: Videos

Search URL Search Domain Scan URL

URL: https://resources.menlosecurity.com/infographics
Title: Infographics

Search URL Search Domain Scan URL

URL: https://csportal.menlosecurity.com/hc/en-us
Title: Support Portal

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/&title=HEAT%20Attacks:%20Evading%20Malicious%20URL-Link%20Analysis

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/

Search URL Search Domain Scan URL

URL: https://www.hrdive.com/news/most-us-employers-with-flexible-work-plans-choose-hybrid-work-mercer-says/603304/
Title: Mercer study

Search URL Search Domain Scan URL

URL: https://www.flexjobs.com/blog/post/flexjobs-survey-finds-employees-want-remote-work-post-pandemic/
Title: survey

Search URL Search Domain Scan URL

URL: https://blog.knowbe4.com/bid/252429/91-of-cyberattacks-begin-with-spear-phishing-email
Title: studies

Search URL Search Domain Scan URL

URL: https://www.ftc.gov/news-events/blogs/data-spotlight/2020/10/scams-starting-social-media-proliferate-early-2020
Title: scams starting on social media proliferated in early 2020

Search URL Search Domain Scan URL

URL: https://resources.menlosecurity.com/all-content/the-threat-landscape-heats-up-with-highly-evasive-adaptive-threats

Search URL Search Domain Scan URL

URL: https://try.menlosecurity.com/
Title: Try Menlo Free

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/menlo-security/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Menlo-Security-411677528985544/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCN0AikN5dKnhEhmtQddAYqg

Search URL Search Domain Scan URL

URL: https://twitter.com/menlosecurity?lang=en

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pages.menlosecurity.com/MjgxLU9XVi04OTkAAAGDfHrCDhKs6HAWS7tB8Kq7n6FEPGw4sH45BaOmghe9e_64AiuvJUqlPxvxB5x95YUOIkAgr8o= Page URL
https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://secure.adnxs.com/px?id=1390668&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1390668%26t%3D2

Request Chain 60

https://ib.adnxs.com/seg?add=24198989 HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D24198989

Request Chain 65

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&time=1648704834007&url=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Fmkt_tok%3DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1%26utm_campaign%3D0331ContentNewsletter%26utm_source%3DOutboundEmail%26utm_medium%3DEmail HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D474058%26time%3D1648704834007%26url%3Dhttps%253A%252F%252Fwww.menlosecurity.com%252Fblog%252Fheat-attacks-evading-malicious-link-analysis%252F%253Fmkt_tok%253DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1%2526utm_campaign%253D0331ContentNewsletter%2526utm_source%253DOutboundEmail%2526utm_medium%253DEmail%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&time=1648704834007&url=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Fmkt_tok%3DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1%26utm_campaign%3D0331ContentNewsletter%26utm_source%3DOutboundEmail%26utm_medium%3DEmail&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&time=1648704834007&url=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Fmkt_tok%3DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1%26utm_campaign%3D0331ContentNewsletter%26utm_source%3DOutboundEmail%26utm_medium%3DEmail&liSync=true&e_ipv6=AQLMTowQCIlDXgAAAX_ed0snTnNTlmdCZjNYUj9_vXesGaBDfbJEYyTfyYPrOCtUIfbgdv73bIyu9H1p7IGvoxuEVFpFjA

170 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MjgxLU9XVi04OTkAAAGDfHrCDhKs6HAWS7tB8Kq7n6FEPGw4sH45BaOmghe9e_64AiuvJUqlPxvxB5x95YUOIkAgr8o=
pages.menlosecurity.com/ 598 B
1 KB 536ms
215ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.menlosecurity.com/MjgxLU9XVi04OTkAAAGDfHrCDhKs6HAWS7tB8Kq7n6FEPGw4sH45BaOmghe9e_64AiuvJUqlPxvxB5x95YUOIkAgr8o=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 6f46b676feba9060-FRA
content-encoding: gzip
content-type: text/html
date: Thu, 31 Mar 2022 05:33:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 Primary Request / Show response
www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/ 83 KB
16 KB 219ms
173ms Document
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1

Requested by

Host: pages.menlosecurity.com
URL: https://pages.menlosecurity.com/MjgxLU9XVi04OTkAAAGDfHrCDhKs6HAWS7tB8Kq7n6FEPGw4sH45BaOmghe9e_64AiuvJUqlPxvxB5x95YUOIkAgr8o=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

8c22a9791005a4151489b67b078b2c48088e9e532279c14eda6b75b2a635e32b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pages.menlosecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 6f46b6791bbf5c26-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 31 Mar 2022 05:33:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://www.menlosecurity.com/wp-json/>; rel="https://api.w.org/" <https://www.menlosecurity.com/wp-json/wp/v2/posts/4036>; rel="alternate"; type="application/json" <https://www.menlosecurity.com/?p=4036>; rel=shortlink
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains;
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-frame-options: DENY
x-pingback: https://www.menlosecurity.com/xmlrpc.php
x-powered-by: WP Engine

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/1a750de4-f18f-43d4-8b13-4ead3aa824f4/ 13 KB
3 KB 49ms
20ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1a750de4-f18f-43d4-8b13-4ead3aa824f4/OtAutoBlock.js

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76804ce7c33290016aab5c20233482652177c5f47939e851ba6eeb1dcd66e7d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WjvqJ2H9BVwwbgiS91SdPQ==
age: 411
vary: Accept-Encoding
content-length: 2508
x-ms-lease-status: unlocked
last-modified: Tue, 29 Jun 2021 20:16:00 GMT
server: cloudflare
etag: 0x8D93B3AB64399DB
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 08c9a9c5-f01e-002e-6263-425821000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f46b67a790b0229-ZRH
expires: Thu, 31 Mar 2022 09:33:53 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 48ms
19ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8305d86074fdee76ef38a7e264f3ac0bfab4051d8f13625b4bbd5396120b1fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dVKVlVU+J+RB4CMcqf9NTw==
age: 7235
vary: Accept-Encoding
content-length: 6678
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 19:21:09 GMT
server: cloudflare
etag: 0x8DA128271D7010B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fae6a0b2-a01e-0050-406d-44c7ee000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f46b67a790e0229-ZRH

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 119ms
19ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/6367) /
Resource Hash: cbda94666db24554bf77638fc059848d381c3c98f7f24641fa830abcd5793de7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 18:06:04 GMT
server: ECS (lhb/6367)
age: 9505
etag: "44e9e2d3a93fd81:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32300

GET
H2 200 lodash.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lodash.js/0.10.0/ 18 KB
7 KB 47ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lodash.js/0.10.0/lodash.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

958c2ecbdd6c6708cf566ceb9b10ffd133ceef822ce81ef460db8ca29e44bcb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6253809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6419
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed2-464d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtcWuvpWbyyJ0wMfM9ZwkXvUspBjdn3J1Gdl1l0a2B6BwHOLaxqgsiWTY%2BcThm1l7ZCNEQudOelH1g6kXrBe9ZDVHlVkAkqF%2BGB%2FZ%2FzVgPILmYWBLDefH1rZgLZGa%2B2h4IspwzaZfwJpglJO6PlXPYRN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f46b67a7e062397-ZRH
expires: Tue, 21 Mar 2023 05:33:53 GMT

GET
H2 200 autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css
www.menlosecurity.com/wp-content/cache/autoptimize/1/css/ 488 KB
72 KB 38ms
37ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

14a2c4265faacac42460a034ee607f6f347aa37c12e5577fa31ea51db8295d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 558614
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Mar 2022 17:35:21 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"623cabd9-79fa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67a4d485c26-FRA

GET
H2 200 dashicons.min.css
www.menlosecurity.com/wp-includes/css/ 58 KB
35 KB 31ms
30ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/wp-includes/css/dashicons.min.css?ver=5.9.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 558614
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"603ffca6-e688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67a4d4a5c26-FRA

GET
H2 200 jquery.min.js Show response
www.menlosecurity.com/wp-includes/js/jquery/ 87 KB
31 KB 52ms
52ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 986885
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:52:53 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cde5-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67a4d4d5c26-FRA

GET
H3 200 icon-search.svg
www.menlosecurity.com/wp-content/themes/menlo/resources/images/temp/ 384 B
589 B 46ms
45ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/resources/images/temp/icon-search.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d31c8324cb19809562244b53cc52b67032e5cb663b758de4cdc5a28169743d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 508802
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cdf1-180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67af826994b-FRA

GET
H3 200 icon-close.svg
www.menlosecurity.com/wp-content/themes/menlo/resources/images/temp/ 577 B
594 B 33ms
32ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/resources/images/temp/icon-close.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b065a0026be768ecfa77a6645a074c5c65a789f2889c1d1c4b22e96fd38f1da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 504155
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cdf1-241"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67af829994b-FRA

GET
H3 200 HEAT_Attacks_evade_malicious_links_Blog_V3-1920x1006.jpg
www.menlosecurity.com/wp-content/uploads/2022/02/ 108 KB
108 KB 196ms
195ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/uploads/2022/02/HEAT_Attacks_evade_malicious_links_Blog_V3-1920x1006.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1d8469fbf3071c9728df837a0423288aa2a9dda474b48a1e66a5437d49cc819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 110413
last-modified: Tue, 15 Feb 2022 17:26:51 GMT
server: cloudflare
x-frame-options: DENY
etag: "620be25b-1af4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67af82c994b-FRA

GET
H3 200 email-decode.min.js Show response
www.menlosecurity.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
937 B 11ms
11ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Mar 2022 11:29:35 GMT
server: cloudflare
etag: W/"623c561f-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6f46b67aafb0994b-FRA
vary: Accept-Encoding
expires: Sat, 02 Apr 2022 05:33:53 GMT

GET
H2 200 forms2.min.js Show response
info.menlosecurity.com/js/forms2/js/ 205 KB
68 KB 289ms
183ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.menlosecurity.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
etag: "1e009ee-3326e-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6f46b67b9ed79b52-FRA
expires: Thu, 31 Mar 2022 09:33:54 GMT

GET
H3 200 regenerator-runtime.min.js Show response
www.menlosecurity.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 35ms
35ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 558614
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 16:35:13 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61928c41-195e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67ae806994b-FRA

GET
H3 200 wp-polyfill.min.js Show response
www.menlosecurity.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 25ms
24ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2961645
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:52:53 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cde5-4056"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67af81b994b-FRA

GET
H3 200 dom-ready.min.js Show response
www.menlosecurity.com/wp-includes/js/dist/ 1 KB
899 B 32ms
31ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/wp-includes/js/dist/dom-ready.min.js?ver=ecda74de0221e1c2ce5c57cbb5af09d5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 533198
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 May 2021 00:17:06 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60aee502-4e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67af81d994b-FRA

GET
H3 200 hooks.min.js Show response
www.menlosecurity.com/wp-includes/js/dist/ 6 KB
2 KB 34ms
33ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 558614
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61925789-163a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67af821994b-FRA

GET
H3 200 i18n.min.js Show response
www.menlosecurity.com/wp-includes/js/dist/ 10 KB
4 KB 33ms
32ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 558497
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61925789-28a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67af822994b-FRA

GET
H3 200 a11y.min.js Show response
www.menlosecurity.com/wp-includes/js/dist/ 3 KB
1 KB 33ms
32ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/wp-includes/js/dist/a11y.min.js?ver=68e470cf840f69530e9db3be229ad4b6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 558614
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61925789-bfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67af825994b-FRA

GET
H3 200 autoptimize_c697a7cc293dd0c71012e3212a1f5ed6.js Show response
www.menlosecurity.com/wp-content/cache/autoptimize/1/js/ 285 KB
78 KB 43ms
43ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/wp-content/cache/autoptimize/1/js/autoptimize_c697a7cc293dd0c71012e3212a1f5ed6.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

baa39db7477eb8b69561c3fb8075f87796ae7281c31ebc5002c67d2c66c80f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 558614
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Mar 2022 17:35:21 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"623cabd9-4759c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67af82d994b-FRA

GET
H2 200 1a750de4-f18f-43d4-8b13-4ead3aa824f4.json Show response
cdn.cookielaw.org/consent/1a750de4-f18f-43d4-8b13-4ead3aa824f4/ 3 KB
2 KB 44ms
19ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1a750de4-f18f-43d4-8b13-4ead3aa824f4/1a750de4-f18f-43d4-8b13-4ead3aa824f4.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d903221968664d7d217ab70bb3bed366cf56f2112b7963c805177a5564c279e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +9+6cndTPyBonR/Tg0KIHw==
age: 411
vary: Accept-Encoding
content-length: 1402
x-ms-lease-status: unlocked
last-modified: Tue, 29 Jun 2021 20:16:00 GMT
server: cloudflare
etag: 0x8D93B3AB62F9907
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5c7b9189-601e-0124-3863-4207fd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f46b67adf60cc4a-ZRH
expires: Thu, 31 Mar 2022 09:33:53 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
72 KB 47ms
25ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WL64MFJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ab6f9996dda67dc7d45b35d222f2a953b848ef1fd7ab9314f7cdb7b94328ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72996
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 31 Mar 2022 05:33:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@300;400;600;700;800&display=swap

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d98a02c7ffdc76c11fc0488bf65bc62e1b5a633ffaf140953189105984f6c151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 05:33:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 31 Mar 2022 05:33:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 31 Mar 2022 05:33:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
707 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 05:01:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 31 Mar 2022 05:33:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 31 Mar 2022 05:33:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
705 B 37ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;700&display=swap

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c14efc4acb97c34b8ae5b0e6575d5181f917f5b6580af40f374dd44f640afa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 05:06:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 31 Mar 2022 05:33:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 31 Mar 2022 05:33:53 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 62ms
34ms XHR
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.menlosecurity.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6f46b67b2d970221-ZRH
access-control-allow-headers: Content-Type

GET
H3 200 logo.svg
www.menlosecurity.com/wp-content/themes/menlo/resources/images/ 5 KB
2 KB 31ms
31ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/resources/images/logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8bc4ed1493c1977120d12182cb046732ffad208a75d936ce32944c7deddddd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 870289
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cdf1-134c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67b183f994b-FRA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.menlosecurity.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 124444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 18:59:49 GMT

GET
H3 200 arrow-dropdown.svg
www.menlosecurity.com/wp-content/themes/menlo/dist/images/ 207 B
457 B 28ms
27ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/dist/images/arrow-dropdown.svg

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7d6070b955f11f31a679ff7742f6fe382348f7b71934cf2e8596ef1908c684a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 870288
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cdf1-cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67b1844994b-FRA

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v13/ 18 KB
18 KB 44ms
23ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v13/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.menlosecurity.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 20:19:44 GMT
x-content-type-options: nosniff
age: 33249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18000
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 20:19:44 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 46 KB
46 KB 29ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@300;400;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.menlosecurity.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 18:48:55 GMT
x-content-type-options: nosniff
age: 125098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 18:48:55 GMT

GET
H3 200 fa-solid-900.woff2
www.menlosecurity.com/wp-content/themes/menlo/dist/fonts/@fortawesome/fontawesome-free/webfonts/ 76 KB
77 KB 31ms
30ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/dist/fonts/@fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css
Origin: https://www.menlosecurity.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 547470
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78196
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: "61f2cdf1-13174"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67b1846994b-FRA

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 37ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.menlosecurity.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 120358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 20:07:55 GMT

GET
H3 200 eBook_SWG_BuyersGuide_NAV-200x196.png
www.menlosecurity.com/wp-content/uploads/2021/10/ 36 KB
36 KB 53ms
52ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/uploads/2021/10/eBook_SWG_BuyersGuide_NAV-200x196.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9acb38caafe1e9d1b575ce22fb7af46173b1ab43d8614f0c059240a2523bce4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 344665
cf-polished: origFmt=png, origSize=55212
content-disposition: inline; filename="eBook_SWG_BuyersGuide_NAV-200x196.webp"
strict-transport-security: max-age=31536000; includeSubDomains;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36586
last-modified: Thu, 27 Jan 2022 16:53:01 GMT
server: cloudflare
x-frame-options: DENY
etag: "61f2cded-d7ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67b3870994b-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 Datasheet_Cloud-Security-Platform-Powered-solation-core-200x196.png
www.menlosecurity.com/wp-content/uploads/2021/06/ 28 KB
28 KB 59ms
58ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/uploads/2021/06/Datasheet_Cloud-Security-Platform-Powered-solation-core-200x196.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a5c1d85da5ccf4daae7b3abe3ace2b4635118fdb8e83dc99c73792811f79839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 344665
cf-polished: origFmt=png, origSize=46970
content-disposition: inline; filename="Datasheet_Cloud-Security-Platform-Powered-solation-core-200x196.webp"
strict-transport-security: max-age=31536000; includeSubDomains;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28188
last-modified: Thu, 27 Jan 2022 16:53:03 GMT
server: cloudflare
x-frame-options: DENY
etag: "61f2cdef-b77a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67b3872994b-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 SolutionBrief_Migrate_on_Prem-to-SWG-200x196.png
www.menlosecurity.com/wp-content/uploads/2021/06/ 32 KB
32 KB 34ms
32ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/uploads/2021/06/SolutionBrief_Migrate_on_Prem-to-SWG-200x196.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

34681d58d47f031f35460672e44c4f42139fe8bf5cbf21b3d80d501581c5b50f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 344665
cf-polished: origFmt=png, origSize=51588
content-disposition: inline; filename="SolutionBrief_Migrate_on_Prem-to-SWG-200x196.webp"
strict-transport-security: max-age=31536000; includeSubDomains;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32272
last-modified: Thu, 27 Jan 2022 16:53:04 GMT
server: cloudflare
x-frame-options: DENY
etag: "61f2cdf0-c984"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67b4874994b-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 Journey_SASE_Nav-200x196.png
www.menlosecurity.com/wp-content/uploads/2021/06/ 27 KB
28 KB 37ms
35ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/uploads/2021/06/Journey_SASE_Nav-200x196.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c61668fe02ae42129e33ad07239d82f1b32b5377c57f37e1c36cdaca0dc04a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 344665
cf-polished: origFmt=png, origSize=43409
content-disposition: inline; filename="Journey_SASE_Nav-200x196.webp"
strict-transport-security: max-age=31536000; includeSubDomains;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27868
last-modified: Thu, 27 Jan 2022 16:53:04 GMT
server: cloudflare
x-frame-options: DENY
etag: "61f2cdf0-a991"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67b4875994b-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 globe-icon-purple.png
www.menlosecurity.com/wp-content/themes/menlo/resources/images/ 278 B
655 B 63ms
63ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/resources/images/globe-icon-purple.png

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e80fa7380340a7651059a8b3d0d8ee3612d68c21a82206eaa5b0322b8263725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 508801
cf-polished: origFmt=png, origSize=671
content-disposition: inline; filename="globe-icon-purple.webp"
strict-transport-security: max-age=31536000; includeSubDomains;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 278
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: "61f2cdf1-29f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67b488c994b-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 section-article-pattern.svg
www.menlosecurity.com/wp-content/themes/menlo/dist/images/ 190 B
457 B 170ms
169ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/dist/images/section-article-pattern.svg

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f51bbe7b57914a96209c33c6a7a2d21f01b93f346fe27e5349249bc6a991679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cdf1-be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67b5892994b-FRA

GET
H3 200 section-article-pattern2.svg
www.menlosecurity.com/wp-content/themes/menlo/dist/images/ 4 KB
1 KB 30ms
29ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/dist/images/section-article-pattern2.svg

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

11374f38070555c45a2cf29c753bcd7442517ef7d7afdbe2d381f8235efeffcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 344665
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cdf1-1133"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67b5893994b-FRA

GET
H3 200 article-single-right-pattern.svg
www.menlosecurity.com/wp-content/themes/menlo/dist/images/ 569 B
675 B 40ms
39ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/dist/images/article-single-right-pattern.svg

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

62c994195bf30d1607e2d7b8cc5eaf8d9c30c7f78e6e32eecc676a3f74932e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 344665
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cdf1-239"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67b5895994b-FRA

GET
H3 200 article-single-left-pattern.svg
www.menlosecurity.com/wp-content/themes/menlo/dist/images/ 595 B
697 B 28ms
27ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/dist/images/article-single-left-pattern.svg

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1cd92144ff9e7af94bc45cac521e92d5534c7447b4de28afc365dbbf8828658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 344665
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cdf1-253"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67b5897994b-FRA

GET
H3 200 fa-brands-400.woff2
www.menlosecurity.com/wp-content/themes/menlo/dist/fonts/@fortawesome/fontawesome-free/webfonts/ 75 KB
75 KB 32ms
31ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/dist/fonts/@fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css
Origin: https://www.menlosecurity.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1082223
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76764
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: "61f2cdf1-12bdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67b5898994b-FRA

GET
H3 200 tile-image@2x.jpg
www.menlosecurity.com/wp-content/uploads/2021/05/ 76 KB
77 KB 62ms
61ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/uploads/2021/05/tile-image@2x.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

45dfb7e29904225979783d62efbf600377472d8d55c0fd886d7ea9d449387946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 884489
cf-polished: origSize=78061, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78053
last-modified: Thu, 27 Jan 2022 16:53:04 GMT
server: cloudflare
x-frame-options: DENY
etag: "61f2cdf0-130ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67bb905994b-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 icon-question.svg
www.menlosecurity.com/wp-content/uploads/2021/05/ 1 KB
836 B 28ms
27ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/uploads/2021/05/icon-question.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c27bb55dc2fe6453e72fdfa7726fc8b74473bbffdbc424df999dc7751bf7ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1640541
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:53:04 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cdf0-430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67bc909994b-FRA

GET
H3 200 icon-phone.svg
www.menlosecurity.com/wp-content/uploads/2021/05/ 1 KB
957 B 28ms
25ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/uploads/2021/05/icon-phone.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba482add0c02c927f05b5078b949334e4d1db145525061a0bb29b70bda92b9c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 870307
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:53:04 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cdf0-488"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67bc90a994b-FRA

GET
H3 200 ESG_HEAT_WhitePaper_BlogCTA.jpg
www.menlosecurity.com/wp-content/uploads/2022/02/ 82 KB
83 KB 198ms
195ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/uploads/2022/02/ESG_HEAT_WhitePaper_BlogCTA.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f2f0600ba65c503c4eedf9c0e021a62aa7ed4d31e40cf084330abd371d5661f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84255
last-modified: Tue, 01 Feb 2022 19:37:28 GMT
server: cloudflare
x-frame-options: DENY
etag: "61f98bf8-1491f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67bc90d994b-FRA

GET
H3 200 HEAT_Attacks_Evading_http_inspection__Blog-1920x1006.jpg
www.menlosecurity.com/wp-content/uploads/2022/03/ 139 KB
140 KB 194ms
192ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/uploads/2022/03/HEAT_Attacks_Evading_http_inspection__Blog-1920x1006.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5e96e8c88c27288208f179033eb6d744340aa5280044ee70aa5d1a7aa1bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 142559
last-modified: Tue, 22 Mar 2022 19:07:28 GMT
server: cloudflare
x-frame-options: DENY
etag: "623a1e70-22cdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67bc90e994b-FRA

GET
H3 200 HEAT_Attacks_Evading_offline_categorization_Blog-1920x1006.jpeg
www.menlosecurity.com/wp-content/uploads/2022/03/ 144 KB
145 KB 200ms
198ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/uploads/2022/03/HEAT_Attacks_Evading_offline_categorization_Blog-1920x1006.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf255b7a14f35ebb498f42619f527cf5c2f0b4b259f2f4d60a1a8d33bc858859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 147828
last-modified: Mon, 07 Mar 2022 16:20:56 GMT
server: cloudflare
x-frame-options: DENY
etag: "622630e8-24174"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67bc90f994b-FRA

GET
H3 200 HEAT_Attacks_HTML_sumggling_Blog_2-1920x1006.jpg
www.menlosecurity.com/wp-content/uploads/2022/02/ 102 KB
102 KB 184ms
182ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/uploads/2022/02/HEAT_Attacks_HTML_sumggling_Blog_2-1920x1006.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaa257569ce437cb17009ec6e1b145eb35c197ec6ec9dd5b7b531e08ec595e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 104478
last-modified: Mon, 07 Feb 2022 23:31:53 GMT
server: cloudflare
x-frame-options: DENY
etag: "6201abe9-1981e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67bc910994b-FRA

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.8.0/ 332 KB
71 KB 31ms
30ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80a4168da3bfeb8a7a3d725ad6aabafc536c28503e6c053b3b8067fd1b5cd0cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ZxViCiQmz7HefYYdJwAS4g==
age: 14102907
vary: Accept-Encoding
content-length: 72918
x-ms-lease-status: unlocked
last-modified: Tue, 17 Nov 2020 08:19:35 GMT
server: cloudflare
etag: 0x8D88AD1852575D6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f103e1ee-201e-0041-266c-c4f0f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f46b67bea9d0229-ZRH

GET
H3 200 section-contact-pattern.svg
www.menlosecurity.com/wp-content/themes/menlo/dist/images/ 2 KB
707 B 105ms
105ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/dist/images/section-contact-pattern.svg

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

01cbac3c4e6bb2c6e2006fc5b2c60181bb18f6c0e75c3d12e5030508bd0afdfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 870288
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cdf1-892"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67be93f994b-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 62ms
14ms Script
application/x-javascript 2a02:26f0:3500:7::17d8:4dcc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL64MFJ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dcc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 05:33:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Mar 2022 23:45:34 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=39995
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3104

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 40ms
6ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL64MFJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:09:12 GMT
fastly-original-body-size: 14407
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100147-IAD, cache-hhn11569-HHN

GET
H2 200 hotjar-1854968.js Show response
static.hotjar.com/c/ 4 KB
2 KB 104ms
53ms Script
application/javascript 13.225.80.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1854968.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL64MFJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-24.fra2.r.cloudfront.net

Software

Resource Hash

1868a40924e755c2f74d9e00e40a9d2b7e696275456a5a155e5624b99e235535

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/a640274c4638b391df181cc3f82c923f
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1887
via: 1.1 df26103dc140569d7032449c70c3b140.cloudfront.net (CloudFront)
x-amz-cf-id: isrRr5C4LGWsDVVudVGY7V19PdK1zqUo07UxlBKjr17EA9DxFvVtJA==

GET
H2 200 embed.js Show response
hubfront.hushly.com/ 194 KB
58 KB 779ms
723ms Script
application/javascript 2600:9000:21f3:1400:13:a3bc:6800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hubfront.hushly.com/embed.js
Requested by: Host: pages.menlosecurity.com
URL: https://pages.menlosecurity.com/MjgxLU9XVi04OTkAAAGDfHrCDhKs6HAWS7tB8Kq7n6FEPGw4sH45BaOmghe9e_64AiuvJUqlPxvxB5x95YUOIkAgr8o=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1400:13:a3bc:6800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3afd12d2daae52af0546b186ad6fa6b774ce7377ccdf489c175644a5329cd337

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
via: 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
last-modified: Wed, 08 Dec 2021 08:49:07 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
etag: W/"61b07183-307ef"
x-cache: Miss from cloudfront
content-type: application/javascript
content-encoding: gzip
x-amz-cf-id: 3SMWLiSRuj22UcU9NuNxiOdd682ME_YFWLvVsBZe8NPtMA2DbWS3jg==

GET
H2 200 trrsm2wf4gwm.js Show response
js.driftt.com/include/1648704900000/ 228 KB
65 KB 213ms
145ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1648704900000/trrsm2wf4gwm.js

Requested by

Host: pages.menlosecurity.com
URL: https://pages.menlosecurity.com/MjgxLU9XVi04OTkAAAGDfHrCDhKs6HAWS7tB8Kq7n6FEPGw4sH45BaOmghe9e_64AiuvJUqlPxvxB5x95YUOIkAgr8o=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

99b8371ea5870168fc7d716523111eccc1eb3b9f6d178ca51a84422c2e5d6181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id: RLrn.pgrztq9JGsA18ddT8gvPuRXFSlY
content-encoding: gzip
etag: W/"c35baa2a9cb9bcc61b618d60c5bf974e"
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 24 Mar 2022 15:05:40 GMT
server: nginx
date: Thu, 31 Mar 2022 05:33:54 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tsWWumAMrjkIzdW6Y10zO75WGEX-_mUPg6GzfwNaw16aTL_SfiQftg==

GET
H2 200 fullcircle.js Show response
d2i34c80a0ftze.cloudfront.net/ 31 KB
11 KB 40ms
13ms Script
application/json 2600:9000:20eb:c400:9:14eb:6280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=187d2103-bdc5-4e3f-b070-b5c6a4000840&domain=menlosecurity.com
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL64MFJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:c400:9:14eb:6280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5ecb40770d6660265902d8d1f07fe261185877e4359d111c06b865d589907f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 22:28:40 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
age: 25513
x-amzn-requestid: 241f6ff5-af89-4406-87c9-1c7d0e045bfe
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6244d998-5499a0a47d5946e60e698c2d;Sampled=0
x-amz-cf-pop: FRA60-P1, FRA2-C1
content-encoding: gzip
x-amz-apigw-id: P0bvyFqSvHcFZwg=
x-amz-cf-id: t8QieiGIwDs7k9mmpGlO8S-HFIvJ_UIx1bOmymFiDfrZC_wKYpSVpg==

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 2 KB
1 KB 57ms
24ms Script
text/javascript 2606:4700::6812:15c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: pages.menlosecurity.com
URL: https://pages.menlosecurity.com/MjgxLU9XVi04OTkAAAGDfHrCDhKs6HAWS7tB8Kq7n6FEPGw4sH45BaOmghe9e_64AiuvJUqlPxvxB5x95YUOIkAgr8o=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Oct 2021 14:31:37 GMT
server: cloudflare
age: 255
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Thu, 31 Mar 2022 05:39:39 GMT
cache-control: max-age=1200
cf-ray: 6f46b67c7c0f2325-ZRH
cf-bgj: minify

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1390668&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1390668%26t%3D2

43 B
1 KB

11ms
11ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1390668%26t%3D2

Requested by

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Mar 2022 05:33:54 GMT
X-Proxy-Origin: 217.64.151.10; 217.64.151.10; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a8218fe4-acde-438d-8d85-ed25090c2ff7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 31 Mar 2022 05:33:54 GMT
X-Proxy-Origin: 217.64.151.10; 217.64.151.10; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3f4779bb-2668-4d8f-bbb5-2d8ca39e5c3c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1390668%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/seg?add=24198989
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D24198989

43 B
1 KB

18ms
18ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D24198989

Requested by

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Mar 2022 05:33:54 GMT
X-Proxy-Origin: 217.64.151.10; 217.64.151.10; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 35c7dc47-205b-4508-9a34-cf33b886c69f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 31 Mar 2022 05:33:54 GMT
X-Proxy-Origin: 217.64.151.10; 217.64.151.10; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1a2d8cee-738d-41d6-8e74-041b76cd642f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D24198989
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/1a750de4-f18f-43d4-8b13-4ead3aa824f4/d2455243-ab24-4927-854a-4111d3e6abf4/ 61 KB
15 KB 58ms
58ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1a750de4-f18f-43d4-8b13-4ead3aa824f4/d2455243-ab24-4927-854a-4111d3e6abf4/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

418f2aef05e4cdff4b33d843aeb31f177adb9279dff392f62f437ce7f26db90f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: B2oUQdl9/r/5SixrPyA8fA==
vary: Accept-Encoding
content-length: 15454
x-ms-lease-status: unlocked
last-modified: Tue, 29 Jun 2021 20:16:04 GMT
server: cloudflare
etag: 0x8D93B3AB8C3660B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c0f36067-601e-0046-76c0-440670000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f46b67c482acc4a-ZRH
expires: Thu, 31 Mar 2022 09:33:54 GMT

GET
H2 200 adsct
t.co/i/ 43 B
338 B 138ms
117ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nx5nr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=6807403f-774f-4fcb-ad0a-702b44030f78&tw_document_href=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Futm_campaign%3D0331ContentNewsletter%26utm_medium%3DEmail%26utm_source%3DOutboundEmail%26mkt_tok%3DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time: 111
date: Thu, 31 Mar 2022 05:33:53 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e4515fea4d7ac5af53a3b7900d9faa29c452d0e841f45807fe8f56bccefb9894
content-length: 43

POST
H2 200 create Show response
st.fullcircleinsights.com/v1/visitors/ 1 KB
2 KB 469ms
468ms XHR
application/json 13.224.195.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visitors/create
Requested by: Host: d2i34c80a0ftze.cloudfront.net
URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=187d2103-bdc5-4e3f-b070-b5c6a4000840&domain=menlosecurity.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-40.fra2.r.cloudfront.net
Software: /
Resource Hash: a94d229f7248388a27a33dcd741eb2a7f0765b84fd8422e789900d6d2f2a218e

Request headers

origin-fci: https://www.menlosecurity.com
Referer: https://www.menlosecurity.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
x-api-key: uSI2bzqNHv34zA8znmW0LgfsY9TBayMx9gZJf430
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 4d27b103-74ef-4007-a65c-e3788827c3cb
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.menlosecurity.com
x-amzn-trace-id: Root=1-62453d42-1777a0f010a1cfe24f95f910;Sampled=0
x-amz-apigw-id: P1aCeGLNvHcF6xQ=
content-length: 1370
x-amz-cf-id: dZ-XpcMD-BOBtHZK8avYqo6EqnF_3zekSlqtgFqZvp2lp8ZvI6jkHQ==

OPTIONS
H2 200 create
st.fullcircleinsights.com/v1/visitors/ Frame 0
0 515ms
434ms Preflight
application/json 13.224.195.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visitors/create
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-40.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: origin-fci,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.menlosecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.menlosecurity.com
content-length: 1
content-type: application/json
date: Thu, 31 Mar 2022 05:33:54 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-apigw-id: P1aCaE6evHcF9nQ=
x-amz-cf-id: T2VSDdza1_0EHcXt3usCagZI5odU0eIKlG96Q0pNdtAw2s0kr8FfoQ==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: a034b75b-f965-4514-8bb9-ef43777816f7
x-cache: Miss from cloudfront

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&time=1648704834007&url=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Fmkt_tok%3DMjgxLU9XVi0...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D474058%26time%3D1648704834007%26url%3Dhttps%253A%252F%252Fwww.menlosecurity.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&time=1648704834007&url=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Fmkt_tok%3DMjgxLU9XVi0...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&time=1648704834007&url=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Fmkt_tok%3DMjgxLU9XVi...

0
265 B

131ms
110ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&time=1648704834007&url=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Fmkt_tok%3DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1%26utm_campaign%3D0331ContentNewsletter%26utm_source%3DOutboundEmail%26utm_medium%3DEmail&liSync=true&e_ipv6=AQLMTowQCIlDXgAAAX_ed0snTnNTlmdCZjNYUj9_vXesGaBDfbJEYyTfyYPrOCtUIfbgdv73bIyu9H1p7IGvoxuEVFpFjA
Requested by: Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:53 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C76EDFE280EB4529968CE47BB8CE77EB Ref B: FRAEDGE1412 Ref C: 2022-03-31T05:33:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXbfQH/tSANSzdAii8OVQ==
x-li-fabric: prod-lva1

Redirect headers

date: Thu, 31 Mar 2022 05:33:53 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D4B1B908C2084EF08396762680C0EBB3 Ref B: FRAEDGE0906 Ref C: 2022-03-31T05:33:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=474058&time=1648704834007&url=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Fmkt_tok%3DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1%26utm_campaign%3D0331ContentNewsletter%26utm_source%3DOutboundEmail%26utm_medium%3DEmail&liSync=true&e_ipv6=AQLMTowQCIlDXgAAAX_ed0snTnNTlmdCZjNYUj9_vXesGaBDfbJEYyTfyYPrOCtUIfbgdv73bIyu9H1p7IGvoxuEVFpFjA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXbfQH9VX7FsrhuHmZLvg==

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.8.0/assets/ 9 KB
3 KB 21ms
20ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.8.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a1a320a94cd7996a7ba23830f6b1d36ff7cff7cac6a3070d7ef3c69ad72cba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: LHw3zF0h5sodgaOMb4k4dQ==
age: 410
vary: Accept-Encoding
content-length: 2690
x-ms-lease-status: unlocked
last-modified: Tue, 17 Nov 2020 08:19:26 GMT
server: cloudflare
etag: 0x8D88AD17FC731B6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b67c8bea-f01e-016e-1763-42379a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f46b67cc887cc4a-ZRH

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.8.0/assets/v2/ 44 KB
12 KB 20ms
19ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.8.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.8.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

816c46a84594f82602b025cd8ec01ff53aa85c0a2fc717db761148f3a1e78825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YPxHEVPQTqiJV760J1D8cg==
age: 410
vary: Accept-Encoding
content-length: 11566
x-ms-lease-status: unlocked
last-modified: Tue, 17 Nov 2020 08:19:28 GMT
server: cloudflare
etag: 0x8D88AD180D32D20
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a889a677-301e-007c-7663-4245d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f46b67cc888cc4a-ZRH

GET
H2 200 getForm Show response
info.menlosecurity.com/index.php/form/ 22 KB
5 KB 59ms
58ms Script
application/javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.menlosecurity.com/index.php/form/getForm?munchkinId=281-OWV-899&form=2571&url=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F&callback=jQuery112409797744943933595_1648704834047&_=1648704834048
Requested by: Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59bdc73e58335ece71b5368b8abb5a7095e83db8896fea48062219cce298d2a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6f46b67ce8489b52-FRA
cached: true

GET
H3 200 footer-pattern.svg
www.menlosecurity.com/wp-content/themes/menlo/dist/images/ 657 B
721 B 36ms
35ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/dist/images/footer-pattern.svg

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f38bfa814ad4096dccf3892ea2c80c4d8b79e5e8ba7043c7c730b2061a2d2102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 558613
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cdf1-291"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67cfa4c994b-FRA

GET
H3 200 logo-footer.svg
www.menlosecurity.com/wp-content/themes/menlo/resources/images/ 4 KB
2 KB 36ms
35ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/resources/images/logo-footer.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c45006c40d76e72f40e88dc8e91670aeb859178d60536c3b412f79fe5399b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/blog/heat-attacks-evading-malicious-link-analysis/?utm_campaign=0331ContentNewsletter&utm_medium=Email&utm_source=OutboundEmail&mkt_tok=MjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 508801
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61f2cdf1-105f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f46b67cfa4e994b-FRA

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ 236 KB
62 KB 43ms
9ms Script
application/javascript 13.224.195.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1854968.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-94.fra2.r.cloudfront.net

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1801908
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Lp0G9TnwW6tpn0mQ8AAMSP6orf-D2WgmF28rdXGhUY1hvVXyHN-XzA==

GET
H3 200 globe-icon.png
www.menlosecurity.com/wp-content/themes/menlo/resources/images/ 276 B
647 B 34ms
34ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.menlosecurity.com/wp-content/themes/menlo/resources/images/globe-icon.png

Requested by

Host: www.menlosecurity.com
URL: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc9914192e0a743ae5573b812ab10411abd58039f8d1971fcf08f5591a8f2257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/wp-content/cache/autoptimize/1/css/autoptimize_b7c5fa166021c9f84cb201a70f49dde5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 344666
cf-polished: origFmt=png, origSize=2060
content-disposition: inline; filename="globe-icon.webp"
strict-transport-security: max-age=31536000; includeSubDomains;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 276
last-modified: Thu, 27 Jan 2022 16:53:05 GMT
server: cloudflare
x-frame-options: DENY
etag: "61f2cdf1-80c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6f46b67d3aa7994b-FRA
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 27 KB
9 KB 50ms
14ms Script
application/javascript 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: pages.menlosecurity.com
URL: https://pages.menlosecurity.com/MjgxLU9XVi04OTkAAAGDfHrCDhKs6HAWS7tB8Kq7n6FEPGw4sH45BaOmghe9e_64AiuvJUqlPxvxB5x95YUOIkAgr8o=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 05:33:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 8575
Pragma: no-cache
Last-Modified: Thu, 07 Oct 2021 17:17:43 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615f2bb7-6a5f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Thu, 31 Mar 2022 05:33:54 GMT

GET
H2 200 forms2.css
info.menlosecurity.com/js/forms2/css/ 13 KB
3 KB 187ms
187ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.menlosecurity.com/js/forms2/css/forms2.css

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
etag: "1e009a7-3437-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6f46b67d99189b52-FRA
content-length: 2623
expires: Thu, 31 Mar 2022 09:33:54 GMT

GET
H2 200 forms2-theme-plain.css
info.menlosecurity.com/js/forms2/css/ 828 B
331 B 191ms
191ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.menlosecurity.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
etag: "9e029e-33c-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6f46b67d991c9b52-FRA
content-length: 246
expires: Thu, 31 Mar 2022 09:33:54 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
519 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/js/forms2/js/forms2.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bbb558bcc73c6ec7de1a3bfee854935d2acb54b5055f49347a47fff164c2ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 05:33:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 31 Mar 2022 05:33:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 31 Mar 2022 05:33:54 GMT

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame 1087 2 KB
1 KB 24ms
7ms Document
text/html 13.224.195.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1854968.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-37.fra2.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 4740108
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Feb 2022 08:52:06 GMT
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
vary: Accept-Encoding
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-cf-id: 07dvBI2FaRKHMg3dpzb3wHicMoytUEJ6EwnLTezIsmkksom1uHFzbg==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v26/ 21 KB
21 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.menlosecurity.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 08:42:58 GMT
x-content-type-options: nosniff
age: 161456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21028
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:17:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 29 Mar 2023 08:42:58 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 29 B
880 B 12ms
11ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

95a30f324991c2aa65a429ba5a93daef1cd8334aabfe70372c4ba0a1a629785f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Mar 2022 05:33:54 GMT
X-Proxy-Origin: 217.64.151.10; 217.64.151.10; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 35897e61-2502-4658-8748-faf878482d93
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.menlosecurity.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 29
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
377 B 51ms
14ms XHR
text/plain 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-137-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d68c7d03f5ab05a3f6e0e47a6f63ab78e6c8e77fb6543e4f5882e53ef0986771

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 05:33:54 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.menlosecurity.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1854968/ 147 B
323 B 94ms
33ms XHR
application/json 52.17.146.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1854968/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.146.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-146-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c

Request headers

Referer: https://www.menlosecurity.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 1854968 Show response
vc.hotjar.io/sessions/ 0
256 B 57ms
40ms XHR
text/plain 13.225.80.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1854968?s=0.25&r=0.08028590611763775
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-110.fra2.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 0ZevMaWiBxTQhGg8umbAkO4cgW6Fl9WNI8S7oBrw6DPBlNwty7h2eg==

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 228ms
198ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=978e5d07c2a3a90aa4884115fca62376&svisitor=null&session=beab0a3d-0f95-4040-8272-af8f2504d9ec&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A33%3A54%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20Highly%20Evasive%20Adaptive%20Threats%20(HEAT)%20attackers%20are%20able%20to%20evade%20malicious%20URL-link%20analysis%20engines.%20Cool%20down%20the%20HEAT%20with%20Menlo%20Security.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22HEAT%20Attacks%3A%20Evading%20Malicious%20URL-Link%20Analysis%20%7C%20Menlo%22%7D&cb=&r=https%3A%2F%2Fpages.menlosecurity.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Futm_campaign%3D0331ContentNewsletter%26utm_medium%3DEmail%26utm_source%3DOutboundEmail%26mkt_tok%3DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1&pageViewId=06fcb461-b679-4dcc-8bb8-2f8862000997&an_uid=3184607067253115155

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 05:33:54 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 423 B
410 B 23ms
9ms XHR
application/json 18.185.122.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.122.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-122-172.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e99a52151c294c42df9ab0df1048d2403af8d1cf94817c26c706c8d75d002743

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Referer: https://www.menlosecurity.com/
Accept-Language: de-DE,de;q=0.9
Authorization: Token cb6b946368e1bb01c6dac9732a72e3bc7e1fdd12
EpsilonCookie: cfd5ce174b3e0000423d4562d40000008d660501

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.menlosecurity.com
access-control-allow-credentials: true
content-length: 221

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 34ms
8ms Preflight 18.185.122.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.122.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-122-172.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,epsiloncookie
Access-Control-Request-Method: GET
Origin: https://www.menlosecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,epsiloncookie
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.menlosecurity.com
access-control-max-age: 1800
date: Thu, 31 Mar 2022 05:33:54 GMT
server: nginx

GET
H2 200 XDFrame Show response
info.menlosecurity.com/index.php/form/ Frame 5CAE 2 KB
867 B 178ms
178ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.menlosecurity.com/index.php/form/XDFrame

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/1a750de4-f18f-43d4-8b13-4ead3aa824f4/OtAutoBlock.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b43508242f21a59b37bba45231dd25c6c861e079ef05607273c620337e217b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 6f46b67f2aed9b52-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 31 Mar 2022 05:33:54 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 forms2.min.js Show response
info.menlosecurity.com/js/forms2/js/ Frame 5CAE 205 KB
68 KB 18ms
18ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.menlosecurity.com/js/forms2/js/forms2.min.js

Requested by

Host: info.menlosecurity.com
URL: https://info.menlosecurity.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://info.menlosecurity.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
age: 0
etag: "1e009ee-3326e-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6f46b6805c409b52-FRA
expires: Thu, 31 Mar 2022 09:33:54 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 0F0A 2 KB
1 KB 133ms
132ms Document
text/html 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1648704900000/trrsm2wf4gwm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5649f632ac00f11cda1639488f93bc40cb1ffc6548e962ce7f5fa5e7184f813d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 31 Mar 2022 05:33:54 GMT
etag: W/"74f6beb1fe7d875c023ce422e7c3bca1"
last-modified: Thu, 24 Mar 2022 15:05:30 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-id: n_z-AieNT5Wno3IkyykbqSVgyispOHxYX43Zd9u31d_VhsS3vLuhHQ==
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: X6oClU2cn2nKR2s.C3fjSS4U._mzGecD
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 12ED 2 KB
1 KB 127ms
126ms Document
text/html 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1648704900000/trrsm2wf4gwm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5649f632ac00f11cda1639488f93bc40cb1ffc6548e962ce7f5fa5e7184f813d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 31 Mar 2022 05:33:54 GMT
etag: W/"74f6beb1fe7d875c023ce422e7c3bca1"
last-modified: Thu, 24 Mar 2022 15:05:30 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-id: 0jtP4Tg3T3By9obfVsOk59KBDDlSyp7JF7TOh0f7L4YWLxJQrwGVDw==
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: X6oClU2cn2nKR2s.C3fjSS4U._mzGecD
x-cache: RefreshHit from cloudfront

OPTIONS
H2 200 create
st.fullcircleinsights.com/v1/visitors/ Frame 0
0 425ms
425ms Preflight
application/json 13.224.195.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visitors/create
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-40.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: origin-fci,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.menlosecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.menlosecurity.com
content-length: 1
content-type: application/json
date: Thu, 31 Mar 2022 05:33:55 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-apigw-id: P1aCiHTovHcF6Vg=
x-amz-cf-id: EPmwSsfmfTDmbvj_44mBwcLnrJAxtypOuRoZaRnM2cozUERlPrrEQA==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: b6595ec5-2d45-42eb-bf06-97bad614b775
x-cache: Miss from cloudfront

POST
H2 200 create Show response
st.fullcircleinsights.com/v1/visitors/ 1 KB
2 KB 539ms
539ms XHR
application/json 13.224.195.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visitors/create
Requested by: Host: d2i34c80a0ftze.cloudfront.net
URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=187d2103-bdc5-4e3f-b070-b5c6a4000840&domain=menlosecurity.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-40.fra2.r.cloudfront.net
Software: /
Resource Hash: a4b6cd79ba0b20ef9e603a7fbee5f20ceb45e465a7a2222206b3accf124a25da

Request headers

origin-fci: https://www.menlosecurity.com
Referer: https://www.menlosecurity.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
x-api-key: uSI2bzqNHv34zA8znmW0LgfsY9TBayMx9gZJf430
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 31 Mar 2022 05:33:55 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: f6a3ac45-c59f-4f96-880d-b3ba6d2456a5
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.menlosecurity.com
x-amzn-trace-id: Root=1-62453d43-3c53590077b21d872258a0b0;Sampled=0
x-amz-apigw-id: P1aCmEWTPHcFgMQ=
content-length: 1369
x-amz-cf-id: Uf6qzXrF-aazZo8ZAI_zi1q3ZRQtLB16LyVHvreqoJ81djWHjd618w==

OPTIONS
H2 200 queue
st.fullcircleinsights.com/v1/visits/ Frame 0
0 571ms
571ms Preflight
application/json 13.224.195.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visits/queue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-40.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: origin-fci,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.menlosecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.menlosecurity.com
content-length: 1
content-type: application/json
date: Thu, 31 Mar 2022 05:33:55 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-apigw-id: P1aCkEICPHcFeHw=
x-amz-cf-id: KnwObkRKl5EYfgBm_PmGHQwmPmpPaIuPiRZYGkDpO3nP0uctQFZjCQ==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 1a541d99-6ca5-47e0-a667-e0286b37cd08
x-cache: Miss from cloudfront

POST
H2 200 queue Show response
st.fullcircleinsights.com/v1/visits/ 2 KB
3 KB 489ms
488ms XHR
application/json 13.224.195.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visits/queue
Requested by: Host: d2i34c80a0ftze.cloudfront.net
URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=187d2103-bdc5-4e3f-b070-b5c6a4000840&domain=menlosecurity.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-40.fra2.r.cloudfront.net
Software: /
Resource Hash: 49e24cf4b8aeab92eae4b748bf8e8c215af6c8a72673183ab241e469f8b1616e

Request headers

origin-fci: https://www.menlosecurity.com
Referer: https://www.menlosecurity.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
x-api-key: uSI2bzqNHv34zA8znmW0LgfsY9TBayMx9gZJf430
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 31 Mar 2022 05:33:55 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 369d1b3d-0820-4c41-a6e8-b7f8b7d64fc2
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.menlosecurity.com
x-amzn-trace-id: Root=1-62453d43-77a00de62d8391254e1f4917;Sampled=0
x-amz-apigw-id: P1aCpE9iPHcF85g=
content-length: 2318
x-amz-cf-id: uJeDOHlg-beiAR40JcCM6JhnE6ti5C3NRHsmKsQdWnFIGYkbi9Nk0w==

GET
H2 200 runtime~main.1029c7b6.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 6 KB
3 KB 24ms
23ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

515cf4f3ecb7b29a157420081881a416eba1520ad6d600077b65f3219c144688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 14:31:59 GMT
content-encoding: gzip
age: 572516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 24 Mar 2022 14:13:00 GMT
server: nginx
etag: W/"d66e3ece0bdecd1caf4b35be9c9af3a9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GeG_AYdfsMNyN9jUtKJ35mHrN5GG2rt4
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: grhPRCbhMk7D4wEH1mlyN477SuxPqsnIPHJ82J-O6euV7WvlUWopyw==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 58 KB
20 KB 27ms
25ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 00:15:05 GMT
content-encoding: gzip
age: 6067130
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: P_j_K9jDbxJyM90WDdS2X.rONeS2gHZN
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h-qie6oYX2-XUST6BAWn3eOoLum4nNX7Ti3qgMn2LEoYJ_2QFc9ONQ==

GET
H2 200 main~493df0b3.590f1a1c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 6 KB
3 KB 28ms
27ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.590f1a1c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ed84d9abf30b626f827d00e91ba265c59a8d644bc6994c75181e36857d286f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 1437934
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:24 GMT
server: nginx
etag: W/"56b1fdbf9f4fceaf79dbb7f1e085c35f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .VbPHImM8_ns5xOgvCbvXJ2d13mU5n0l
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: olDqBUlBrLGjXQSj8HkU0zE57VM9of1qXirGg4C2resbqOVCvmpRVw==

GET
H2 200 runtime~main.1029c7b6.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 6 KB
3 KB 28ms
27ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

515cf4f3ecb7b29a157420081881a416eba1520ad6d600077b65f3219c144688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 14:31:59 GMT
content-encoding: gzip
age: 572516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 24 Mar 2022 14:13:00 GMT
server: nginx
etag: W/"d66e3ece0bdecd1caf4b35be9c9af3a9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GeG_AYdfsMNyN9jUtKJ35mHrN5GG2rt4
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: p-NfyqgXZgcOpbYSMGEgA1BqVjHqjHC1hHnd33jnqCgjgdeBQXw3DA==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 58 KB
20 KB 30ms
29ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 00:15:05 GMT
content-encoding: gzip
age: 6067130
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: P_j_K9jDbxJyM90WDdS2X.rONeS2gHZN
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lvv7CotBse0qfKn-xUSCGCRy-69uyXKHd6QSsVAycK2XD8C2nOL2AA==

GET
H2 200 main~493df0b3.590f1a1c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 6 KB
3 KB 31ms
31ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.590f1a1c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ed84d9abf30b626f827d00e91ba265c59a8d644bc6994c75181e36857d286f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 1437934
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:24 GMT
server: nginx
etag: W/"56b1fdbf9f4fceaf79dbb7f1e085c35f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .VbPHImM8_ns5xOgvCbvXJ2d13mU5n0l
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: i-6xANnHS6bpfYCV-waxhIXt8Q8nAVnQ0XmQf7LpnEbuvrEpvkOa3A==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 47 KB
14 KB 25ms
24ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 1437934
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zBmoh2tQAT_vfEDC2Fd97hmCr0r_AZnb
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QgByA1oBzr5sWRG0VxKcBUMxhFDmYJq_pYIyeBKc-xL4lZVhfonmdA==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 44 KB
13 KB 27ms
27ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r806b_rrXLV2prc9SPuSCpuE-z1ab-379XmlZuAgnI96qQjfzmu_hQ==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 25 KB
8 KB 29ms
28ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

709030cab6e33ca60c369554f31becd83dbfe4c17dc37e17aefd3aba8d862d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 02:02:27 GMT
content-encoding: gzip
age: 2863888
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 21:11:14 GMT
server: nginx
etag: W/"5b39d5e49e5ec5cdb576054612a441ef"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Jkm8Dc3zYP9zoYcPnVlVKYEMbcPK0qdn
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JumK8gMSBkI3donJxkArTlhx_s9tHNMkFbAxH4LwjuiIfBOoSCIZtQ==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 16 KB
5 KB 30ms
29ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7393213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s3CCCKTT2hGFVhyCsvqgcCuBckM_6Dz0C4iu2amwBx9OVqrIKtFqSg==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 72 KB
22 KB 32ms
31ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:43 GMT
content-encoding: gzip
age: 7393212
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rSvpsWzLXE9uNa897nDlAkX7ZsQuJaD18rP7Ek5kV3LWKvtxoSuOTw==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 16 KB
6 KB 34ms
33ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EbxHynibCLwR5Jv4BxRGWMyzsV2BkcufQyovaSNVChJVuySJ-dSRIg==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 59 KB
19 KB 37ms
36ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 8050852
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tTTzr9tWC4vWn1tdckuYw0a_pWTPUFZPgcPJRWbyog9BqfAEOnShug==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 91 KB
28 KB 40ms
40ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b82be24736519b8e5beb6d622bed3d7f481da9bacf8374352065d1cf252dc244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 08:08:57 GMT
content-encoding: gzip
age: 2669098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 21:11:13 GMT
server: nginx
etag: W/"14d96efdca3b51f9c3a4133e8b3ca95b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QYmbWCyCTWOrHsXnXZ6BKA83mluh3jwU
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ay11yRU-RtxP7CoWVuxJdPcRP2Kh-uWmx26Oqbfs3p5Ckm6HELWiiw==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 24 KB
7 KB 43ms
42ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 6149907
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:33 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qO3a.NcOI1oBDRBABVLWfFTMfjEE__CA
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rJVd9a0ga3GRjH5itT-n0pMsjVID7DTzsLrhkM_bOPT1d6VFPf6DJQ==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 62 KB
20 KB 46ms
45ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bLiwpeJEF1i69qDWtVJOUar1h74it6Kiwa8K0pwvxtGsw4rQhIntZg==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 105 KB
34 KB 49ms
48ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 1437934
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: x3rSxj7JZVbdd2BnNrxQR_ngKfchLMH4
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LZBzwZDLuob1A-xa4Q34U3NxMjDTk6UyZ8d1oDEohbcjAnG66q3phA==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 12 KB
4 KB 53ms
52ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 6149907
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 123ec01tvkGnjrPsnvwWzlXkBB9QJfPb
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: waYX6VnSPxVUhyZy6S92BcHFgtXz8Wm3tS4F0RU33cQ0YumPQCXVXw==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 12 KB
5 KB 54ms
53ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eTHCwPDFCuysMKSTXFenMmNDI3KM85txo0H2iLu9nnEdV94RiMFt3w==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 17 KB
7 KB 54ms
54ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kWbtbL9N2mkqdiwYiCOV60Wo6mDsPY6FfzdA81-MuVPfDro2EY8Dgw==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 12ED 11 KB
3 KB 55ms
54ms Stylesheet
text/css 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vMY3nuUk1Ovk-J9QwRlSy0-rtnUUh3TevSja7ZA518MqKWOWuDxBGw==

GET
H2 200 8.ac0502ea.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 70 KB
22 KB 57ms
57ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.ac0502ea.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

3b8a8c3e723f1d31ce9512ddee97fbf779c311e8c22ce773e38091ae040ed277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 14:31:59 GMT
content-encoding: gzip
age: 572516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 24 Mar 2022 14:12:59 GMT
server: nginx
etag: W/"904842dbfd6586150100664098bdcb25"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gZMB6d7FHGHhO7RpYzTF6mRgffdK.0AG
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: z5Hmk8GuR7meJNNDup7-aGP2EAuAwbrzNzAuvU99eJdGysMaA0hqow==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 12ED 24 B
665 B 59ms
58ms Stylesheet
text/css 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ymtw-48A7zEYiFwKYZJ_bhLl75WKs80aqWzuzaS-HIJIlG8ONnS2Jg==

GET
H2 200 15.623081cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 75 KB
19 KB 60ms
60ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.623081cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

31ff8f9902bf160e0082150a0234d73cb841e348c937d38f095d1eb65034c89d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 14:31:59 GMT
content-encoding: gzip
age: 572516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 24 Mar 2022 14:12:57 GMT
server: nginx
etag: W/"b2ed0732b209e6425d55fc711aa51ac7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Sy_S8r6k4RxiTme8aThmkbLhdFR__yqj
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NKaouf9glCGxqFF7F3FJiMIhO99smapa299hoxG31qln3Opa4gtzTg==

GET
H2 200 22.f9842666.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 47 KB
13 KB 63ms
63ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.f9842666.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8a8c0fa1249037db5fc3c80ae9925bb0b1187ac5ad0416a2f984d576f64cb917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:35:21 GMT
content-encoding: gzip
age: 1339114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 14:29:25 GMT
server: nginx
etag: W/"84aab2b92fbe097cc233d28cfcd07e34"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qu.tZP1dAb8G86QkRQ86fcMrVoZpSglm
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U7if9b2Is9ewapVE92672EMe9JBpriVzNjAH9n8KSJmT4ExNO1idzg==

GET
H2 200 13.1866b209.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 41 KB
13 KB 64ms
64ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.1866b209.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d3280116d003325bcb8f67f34d4c6f1bd9c5ecde9ddad89ee4f188a48cbaf290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 14:31:59 GMT
content-encoding: gzip
age: 572516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 24 Mar 2022 14:12:57 GMT
server: nginx
etag: W/"91ed14723b156d694ed68bf45ec448f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bfasmieMAhBxW0Q1RiHW.qHPBKkmHxq2
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iIhD-sylO3kaM-9wGzfRZH7NyehliSFNV_UH_ZRMsV0ga-Y1Rw-XdA==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 47 KB
14 KB 60ms
59ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 1437934
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zBmoh2tQAT_vfEDC2Fd97hmCr0r_AZnb
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Tj-2AkzYmTpm1q7NhKXLYp0xZciCeGs50AM4kYJEFj2E3x9IIfEe0Q==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 44 KB
13 KB 61ms
61ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HbxXemn0DPiNlLI_fno52Rt9j8q4qBdgF6Ub4xU3DwCnb-qbYVuCYw==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 25 KB
8 KB 62ms
61ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

709030cab6e33ca60c369554f31becd83dbfe4c17dc37e17aefd3aba8d862d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 02:02:27 GMT
content-encoding: gzip
age: 2863888
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 21:11:14 GMT
server: nginx
etag: W/"5b39d5e49e5ec5cdb576054612a441ef"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Jkm8Dc3zYP9zoYcPnVlVKYEMbcPK0qdn
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ijQ5F23WTahirgMFBNfEakvwoAnwaOsRcnXoSPoDKHatyjcQC1wBOA==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 16 KB
5 KB 62ms
62ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7393213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LkUREX0jql-5nmlj1q1v2X732ly-Xr-gk8GeehW8L27nYpnooDx_XQ==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 72 KB
22 KB 64ms
63ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:43 GMT
content-encoding: gzip
age: 7393212
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jVsgFevWfcLobLXtu2OjokppWMVMKk_oOvhsBld2Hi1MKSByLYjpMQ==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 16 KB
6 KB 64ms
64ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FjqL2k9s8euX3HYWG4B4FJKjnamBRRIuKgXNnMQU2v0hEFekXMWxQw==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 59 KB
19 KB 66ms
65ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 8050852
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: A0Xd10ZFjIsHrGatPbRohXgGk8eN-73cKOf78A-aWNZSks804WKsCQ==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 91 KB
28 KB 67ms
67ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b82be24736519b8e5beb6d622bed3d7f481da9bacf8374352065d1cf252dc244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 08:08:57 GMT
content-encoding: gzip
age: 2669098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 21:11:13 GMT
server: nginx
etag: W/"14d96efdca3b51f9c3a4133e8b3ca95b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QYmbWCyCTWOrHsXnXZ6BKA83mluh3jwU
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gfJFg6zWC0YlFT1sbKPcOXzG-RC5RvWC3Zxn3wZ9zBIW2cKtRsg8Gg==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 24 KB
7 KB 69ms
68ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 6149907
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:33 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qO3a.NcOI1oBDRBABVLWfFTMfjEE__CA
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iqGTq5yPiPF8X4HSv404Bm2VMvLT29CxpNnNJ397y1wDO9TUk7SEJA==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 62 KB
20 KB 70ms
70ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: L1inr58h4Qbv8LhAjEhBqVpLbxdphoezoas9W7RthA1qAKYx5hjt-g==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 105 KB
34 KB 72ms
71ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 1437934
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: x3rSxj7JZVbdd2BnNrxQR_ngKfchLMH4
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9_k1JoQh564Q81QKvk_LPjqovkzRG8w8_GLft44RPyO4Uk4zA9Ehdw==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 12 KB
4 KB 74ms
73ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:15:27 GMT
content-encoding: gzip
age: 6149907
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 18 Jan 2022 19:52:34 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 123ec01tvkGnjrPsnvwWzlXkBB9QJfPb
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UfFvTdcLS6-uTQvMyWD4ucQ1m6U5go6rOoVuct1Pw465wA4IdYiyYQ==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 12 KB
5 KB 74ms
74ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SWM3p3H1MSalx8Imtqt3aMdeJcZ5XbFO8cOccJA4qUIOSe3tkisKvA==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 17 KB
7 KB 75ms
75ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HCIcIOvKUlr4DTKdVja4rUdU0DRVp7V-DrQGbg4s1gXqNvNpWsjfhg==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 0F0A 11 KB
3 KB 75ms
75ms Stylesheet
text/css 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RfzfkGp8QHZdGulSDhfRHtG8rq_oNsJoKT0GqqHnF9I5uyCrXybWPA==

GET
H2 200 8.ac0502ea.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 70 KB
22 KB 76ms
76ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.ac0502ea.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

3b8a8c3e723f1d31ce9512ddee97fbf779c311e8c22ce773e38091ae040ed277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 14:31:59 GMT
content-encoding: gzip
age: 572516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 24 Mar 2022 14:12:59 GMT
server: nginx
etag: W/"904842dbfd6586150100664098bdcb25"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gZMB6d7FHGHhO7RpYzTF6mRgffdK.0AG
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _nakTAxyMo7r5B6BDaGITKJJ8aowC27pMiON2Mmqa5y_hG3tOmVM4A==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 0F0A 24 B
665 B 77ms
76ms Stylesheet
text/css 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
age: 7393214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5SmkFBRioW2u3KcQCPjWLNhJKjqyWJG36STsDG615xnPq_YP-i72oQ==

GET
H2 200 15.623081cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 75 KB
19 KB 78ms
77ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.623081cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

31ff8f9902bf160e0082150a0234d73cb841e348c937d38f095d1eb65034c89d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 14:31:59 GMT
content-encoding: gzip
age: 572516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 24 Mar 2022 14:12:57 GMT
server: nginx
etag: W/"b2ed0732b209e6425d55fc711aa51ac7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Sy_S8r6k4RxiTme8aThmkbLhdFR__yqj
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z3eWPzyxgFH7AkdpgbTspm3202Y8IqVPc2SsGL_mA49B1cLoeKie-Q==

GET
H2 200 22.f9842666.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 47 KB
13 KB 79ms
79ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.f9842666.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8a8c0fa1249037db5fc3c80ae9925bb0b1187ac5ad0416a2f984d576f64cb917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:35:21 GMT
content-encoding: gzip
age: 1339114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 14:29:25 GMT
server: nginx
etag: W/"84aab2b92fbe097cc233d28cfcd07e34"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qu.tZP1dAb8G86QkRQ86fcMrVoZpSglm
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G6GRT1dWBmzk-x3fWzxUWhnUOLjSn1AJq4iLeRwrUSL-Fh9iEZNMMw==

GET
H2 200 13.1866b209.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 41 KB
13 KB 80ms
80ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.1866b209.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d3280116d003325bcb8f67f34d4c6f1bd9c5ecde9ddad89ee4f188a48cbaf290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 14:31:59 GMT
content-encoding: gzip
age: 572516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 24 Mar 2022 14:12:57 GMT
server: nginx
etag: W/"91ed14723b156d694ed68bf45ec448f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bfasmieMAhBxW0Q1RiHW.qHPBKkmHxq2
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _QH57sP6GTgm2oI6bI1cGHCfFNA9UTwDfm2JvNXlOAp2qFU867FXZA==

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 12ED 3 KB
1 KB 23ms
23ms Stylesheet
text/css 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7393213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u5jls1rsjTMRW03RSXYJxMQTbD86EmFF
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: X4Ae9kl50DpIioI88SpQoDDqzz6SkQOlq9JfCH-HHeq0lsConHAkEA==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 3 KB
2 KB 24ms
24ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 01:21:23 GMT
content-encoding: gzip
age: 1483951
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 09 Mar 2022 19:39:00 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nKLZ1eCZgJyATnvQHZL81PT0kMSSnbMT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HT6QzWirkiI_h7lb47MKQjlgLYx8A0E4RLioj_iYc40zZt9epVBzaQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 9 KB
3 KB 24ms
23ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7393213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: e1xz4VT7bgY5BNRtKB0yK05vIM2zbPhD5fMJIMKp4IFTKj-DnP7tiQ==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 33 KB
10 KB 26ms
24ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7393213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LcjepTSdTIP3TYamt9S6TQ4IzFvRquuU
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uYHV6wjrwM-Iuse95S-DYwlJJCjKCzLpXRJtOIBjr7wd6EXJEzOTXQ==

GET
H2 200 25.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame 0F0A 8 KB
2 KB 25ms
24ms Stylesheet
text/css 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 20:12:42 GMT
content-encoding: gzip
age: 2366473
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Mar 2022 19:35:45 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nIQWP_TNHXf6VKMh1KLKq0CMzjnrVBjf
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hsO5FjWdcCZkj6z5IE8VY0wUN5uZinZd0CrAgZzhAkTXMb14HxD6Ng==

GET
H2 200 25.13d11617.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 12 KB
5 KB 26ms
25ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.13d11617.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9e92f9ea0db38a6487f6588e962ed6a06e478237173eca4d0e45b8fe7b86112a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:35:22 GMT
content-encoding: gzip
age: 1339113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 14:29:25 GMT
server: nginx
etag: W/"7cedab80631abf72e0de1939789e9982"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: o7tckVqeYvUaD8_hBcoukPgLK9HumXku
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FJvwxSbGOmYFkNnUig-NAaDCaPbF1DVLsVVn2bRiNzuZQ8xqR9pFVA==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 0F0A 365 B
1006 B 25ms
25ms Stylesheet
text/css 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
age: 7393213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eDSgTpssczGDn2812OLuvvF.eUpzKWka
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rE3kTZH_VolaqNdXHwHL2W3OhY_FpOUmre0Kc7kP8S_dRlJ0_igaOQ==

GET
H2 200 19.cbd00f6b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 0F0A 85 KB
24 KB 27ms
26ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.cbd00f6b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

7fac9a43ab09cf21eafe26af20439d52313fa761cf6100c10ef950a6af22f7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=trrsm2wf4gwm&region=US&forceShow=false&skipCampaigns=false&sessionId=58628492-5016-4098-988d-da588c2f7853&sessionStarted=1648704834.904&campaignRefreshToken=8869a6fd-05c3-4a78-b3b9-416a686856fa&hideController=false&pageLoadStartTime=1648704833622&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:35:22 GMT
content-encoding: gzip
age: 1339113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 14:29:25 GMT
server: nginx
etag: W/"e5d01e169fc99a46f4cbb5ef34e481c4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WWKq4EyTp5AxwFncXlaQBYSiy4CobYNg
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9U_RdeMFF9V0iJDEbIdjbwonROEBoMcr2Em9LIeJTMNV9CRLZImRzw==

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 204ms
204ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=978e5d07c2a3a90aa4884115fca62376&svisitor=cfd5ce174b3e0000423d4562d40000008d660501&session=beab0a3d-0f95-4040-8272-af8f2504d9ec&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A33%3A55%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A33%3A54%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%221004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20Highly%20Evasive%20Adaptive%20Threats%20(HEAT)%20attackers%20are%20able%20to%20evade%20malicious%20URL-link%20analysis%20engines.%20Cool%20down%20the%20HEAT%20with%20Menlo%20Security.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22HEAT%20Attacks%3A%20Evading%20Malicious%20URL-Link%20Analysis%20%7C%20Menlo%22%7D&cb=&r=https%3A%2F%2Fpages.menlosecurity.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Futm_campaign%3D0331ContentNewsletter%26utm_medium%3DEmail%26utm_source%3DOutboundEmail%26mkt_tok%3DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1&pageViewId=06fcb461-b679-4dcc-8bb8-2f8862000997&an_uid=3184607067253115155

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 05:33:55 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 9 KB
3 KB 24ms
23ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7393213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jJsARTKta-x7ZJQ2bDoqFMwA6sELSSGGP_aZCIccEHvBAGbkqts9vw==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 12ED 7 KB
2 KB 24ms
24ms Stylesheet
text/css 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7393213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Y5MQMpfNZ9bYDeQmDMLbw0xNzGrQukfM
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iK7Yj2_mxpXxOrtNTBMN-L-5lfMmp4whVXABJARZVjAvibUDQzggzg==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 54 KB
16 KB 25ms
25ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 7393213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dNyr.b_J6AuxSb56NRWJ3LKsWJ9BzeOS
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YfoMNsjsplWAXSb14iEOA1tYoYuAD7c-qwB4fRw1Kijbas3khXP_Fw==

GET
H2 200 1.e5dfd51a.chunk.css
js.driftt.com/core/assets/css/ Frame 12ED 43 KB
7 KB 26ms
25ms Stylesheet
text/css 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e5dfd51a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:51:52 GMT
content-encoding: gzip
age: 1179723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 13:34:19 GMT
server: nginx
etag: W/"2c40725f3e291f40133c5dd42e2d2809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PxBjSXKv2D9iu62R72tGZ7okhSAARqe8
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: saAnDfaQMBM4Uhpp5qJMye1Q1rU2d9Sew413L_KlNG5yQSFmdjr-yA==

GET
H2 200 1.5c65827e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 73 KB
25 KB 27ms
27ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.5c65827e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

6acb83378d8b4e5ff3155f6375017ed4d9de0e37775d3106c181cd427730e188

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 20:24:49 GMT
content-encoding: gzip
age: 810546
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 21 Mar 2022 19:53:38 GMT
server: nginx
etag: W/"b708aa91b64a5b7c6b6ddb197e81010f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: yaCLLa6iXOqbINeb80uzVs05G8nP7Fv7
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9o3D18AsWdV031jwRj0rZDi8Xlw43szvhr1gwf_Tc0NmkSQPE40cHA==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame 12ED 12 KB
3 KB 28ms
28ms Stylesheet
text/css 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 4713535
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:27 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: e.sL0vOF62s4pyHwBuhbHf.Miph1ZlJo
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pSWYrQ87LQPMNqvnqnlUD0z1BKX6xKYWfpt2hHqy8DCg8UhpcvjY3A==

GET
H2 200 30.304d4bf2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12ED 11 KB
5 KB 28ms
28ms Script
application/javascript 13.224.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.304d4bf2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.1029c7b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-69.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

79c254652bb96247b5470d8d7d30bdef4ae96a7e61743ac4ef6b423502cd8c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648704833622
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:35:22 GMT
content-encoding: gzip
age: 1339113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 14:29:25 GMT
server: nginx
etag: W/"38d96c6ccd18212a914f55851e7dea75"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NMIjSc_O1m0oYNrwPiID10ULv1PB3Qyi
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iVTUbtEbvbyx7V3SfAY6bfdtRvDQH5VJCJ8CokYSVUeeDsMjl9RnZA==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 319ms
100ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 31 Mar 2022 05:33:55 GMT
requestid: drift190e3c642b79f851c62bfc776c1
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0F0A 25 B
122 B 110ms
109ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 31 Mar 2022 05:33:55 GMT
server: istio-envoy
requestid: 157b3a2ba8aa8f2e
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 0F0A 147 B
244 B 99ms
99ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

487d3252e04d702f033dd508688732af1b78b9a5a604a5699288b652ae9f9b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 31 Mar 2022 05:33:55 GMT
server: istio-envoy
requestid: a4d2ac2ba2fffdab
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 309ms
100ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 31 Mar 2022 05:33:55 GMT
requestid: drift2dc62904a67a12645654cfc96b5
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H2 200 trrsm2wf4gwm.json Show response
embeds.driftcdn.com/embeds/ Frame 0F0A 10 KB
5 KB 479ms
453ms XHR
application/json 13.224.195.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/trrsm2wf4gwm.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-117.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb68c7512046fe75ec3d0c7da9385abd871e8a61c8cb6836c8294669724f2c8c

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 05:33:57 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 14 Dec 2021 19:56:52 GMT
server: AmazonS3
etag: W/"bd2483f983b53fbe7ac1a97fc9208688"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: EdLay2Qhs-x8sSD3DqpoVcAQPArdfmaILDeSZaFdIr1K803WkFCBWQ==

POST
H2 200 queue Show response
st.fullcircleinsights.com/v1/visits/ 2 KB
3 KB 514ms
514ms XHR
application/json 13.224.195.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visits/queue
Requested by: Host: d2i34c80a0ftze.cloudfront.net
URL: https://d2i34c80a0ftze.cloudfront.net/fullcircle.js?cid=187d2103-bdc5-4e3f-b070-b5c6a4000840&domain=menlosecurity.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-40.fra2.r.cloudfront.net
Software: /
Resource Hash: 72a08940b0244cc92ff7a52bcd63283786476342395800b92b9f2d4711e9e044

Request headers

origin-fci: https://www.menlosecurity.com
Referer: https://www.menlosecurity.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
x-api-key: uSI2bzqNHv34zA8znmW0LgfsY9TBayMx9gZJf430
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 31 Mar 2022 05:33:56 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 111e3e07-d7be-4fd4-b693-3f6bd4a3cd8d
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.menlosecurity.com
x-amzn-trace-id: Root=1-62453d44-71cb635971fbc7845e68000d;Sampled=0
x-amz-apigw-id: P1aCwGsyvHcFhKA=
content-length: 2318
x-amz-cf-id: RdEfkY8mxKVN2aUIR_ERspcIXR34iP4t1pgy4Y0Pyoj7trmeB2nIZw==

OPTIONS
H2 200 queue
st.fullcircleinsights.com/v1/visits/ Frame 0
0 432ms
432ms Preflight
application/json 13.224.195.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.fullcircleinsights.com/v1/visits/queue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-40.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: origin-fci,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.menlosecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,origin-fci
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://www.menlosecurity.com
content-length: 1
content-type: application/json
date: Thu, 31 Mar 2022 05:33:56 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-apigw-id: P1aCsGXyPHcFkBA=
x-amz-cf-id: oBzvRyz5hHJRTtq5a6vnuPWtmgW2SZa7W2cj9mvoWFbCrbGKSxmqkw==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 9552fe57-5c62-474a-aff1-e0527979792b
x-cache: Miss from cloudfront

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 195ms
195ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=978e5d07c2a3a90aa4884115fca62376&svisitor=cfd5ce174b3e0000423d4562d40000008d660501&session=beab0a3d-0f95-4040-8272-af8f2504d9ec&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A33%3A56%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A33%3A55%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%222004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20Highly%20Evasive%20Adaptive%20Threats%20(HEAT)%20attackers%20are%20able%20to%20evade%20malicious%20URL-link%20analysis%20engines.%20Cool%20down%20the%20HEAT%20with%20Menlo%20Security.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22HEAT%20Attacks%3A%20Evading%20Malicious%20URL-Link%20Analysis%20%7C%20Menlo%22%7D&cb=&r=https%3A%2F%2Fpages.menlosecurity.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Futm_campaign%3D0331ContentNewsletter%26utm_medium%3DEmail%26utm_source%3DOutboundEmail%26mkt_tok%3DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1&pageViewId=06fcb461-b679-4dcc-8bb8-2f8862000997&an_uid=3184607067253115155

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 05:33:56 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 194ms
193ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=978e5d07c2a3a90aa4884115fca62376&svisitor=cfd5ce174b3e0000423d4562d40000008d660501&session=beab0a3d-0f95-4040-8272-af8f2504d9ec&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A33%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A33%3A56%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223006%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20Highly%20Evasive%20Adaptive%20Threats%20(HEAT)%20attackers%20are%20able%20to%20evade%20malicious%20URL-link%20analysis%20engines.%20Cool%20down%20the%20HEAT%20with%20Menlo%20Security.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22HEAT%20Attacks%3A%20Evading%20Malicious%20URL-Link%20Analysis%20%7C%20Menlo%22%7D&cb=&r=https%3A%2F%2Fpages.menlosecurity.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Futm_campaign%3D0331ContentNewsletter%26utm_medium%3DEmail%26utm_source%3DOutboundEmail%26mkt_tok%3DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1&pageViewId=06fcb461-b679-4dcc-8bb8-2f8862000997&an_uid=3184607067253115155

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 05:33:57 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0F0A 25 B
89 B 115ms
113ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 31 Mar 2022 05:33:57 GMT
server: istio-envoy
requestid: 7c473141863269ef
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 99ms
99ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 31 Mar 2022 05:33:57 GMT
requestid: drift5fb6ca742ac8a795a2cc569e205
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 192ms
191ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=978e5d07c2a3a90aa4884115fca62376&svisitor=cfd5ce174b3e0000423d4562d40000008d660501&session=beab0a3d-0f95-4040-8272-af8f2504d9ec&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A33%3A58%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A33%3A57%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224007%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20Highly%20Evasive%20Adaptive%20Threats%20(HEAT)%20attackers%20are%20able%20to%20evade%20malicious%20URL-link%20analysis%20engines.%20Cool%20down%20the%20HEAT%20with%20Menlo%20Security.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22HEAT%20Attacks%3A%20Evading%20Malicious%20URL-Link%20Analysis%20%7C%20Menlo%22%7D&cb=&r=https%3A%2F%2Fpages.menlosecurity.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Futm_campaign%3D0331ContentNewsletter%26utm_medium%3DEmail%26utm_source%3DOutboundEmail%26mkt_tok%3DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1&pageViewId=06fcb461-b679-4dcc-8bb8-2f8862000997&an_uid=3184607067253115155

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 05:33:58 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 194ms
194ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=978e5d07c2a3a90aa4884115fca62376&svisitor=cfd5ce174b3e0000423d4562d40000008d660501&session=beab0a3d-0f95-4040-8272-af8f2504d9ec&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A33%3A59%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A33%3A58%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225008%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20Highly%20Evasive%20Adaptive%20Threats%20(HEAT)%20attackers%20are%20able%20to%20evade%20malicious%20URL-link%20analysis%20engines.%20Cool%20down%20the%20HEAT%20with%20Menlo%20Security.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22HEAT%20Attacks%3A%20Evading%20Malicious%20URL-Link%20Analysis%20%7C%20Menlo%22%7D&cb=&r=https%3A%2F%2Fpages.menlosecurity.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Futm_campaign%3D0331ContentNewsletter%26utm_medium%3DEmail%26utm_source%3DOutboundEmail%26mkt_tok%3DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1&pageViewId=06fcb461-b679-4dcc-8bb8-2f8862000997&an_uid=3184607067253115155

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.menlosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 05:33:59 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.menlosecurity.com/	1969-12-31 23:59:59	Name: BIGipServersj_mailtracking_http Value: !ZbC7tdYSIsXj6M4ZpELS1flvGHm9g6MdsFSuViDxoANbMdW8gP+WQakEQGpSVG2+3BRVdtNmTDok2tw=
.pages.menlosecurity.com/	1970-01-20 01:58:26	Name: __cf_bm Value: EsM0XVHAZOi8DOO0YPkWlDUPckZuimVHhyeC5.K5vaI-1648704833-0-Af2kXPPdSrlp2zApTRx0SuWscgHdpRNBosCwOxSA+bbxZrj1sZaZRZY9WPuwT0x/EfM3JZ2oLsRHRJoqzw6a200=
.menlosecurity.com/	1970-01-20 04:08:00	Name: _gcl_au Value: 1.1.687226428.1648704834
.menlosecurity.com/	1969-12-31 23:59:59	Name: _fcdscst Value: MTY0ODcwNDgzMzk5Mg==
.techtarget.com/	1970-01-20 01:58:26	Name: __cf_bm Value: eGy6kqgTq15jV9QRNTCz1JcwBl28rdwFp_evyeOsf.s-1648704834-0-Abc5mj7YeZGOwGrNhpp++UzBiUMYQ5B+1YAp/5f2HGnLYedOk+mDGUGVH8xlsogzbxPzDX//5oSPB0k8ZPc7vfs=
.info.menlosecurity.com/	1970-01-20 01:58:26	Name: __cf_bm Value: kQ_89CinlM5PnJnfndDUJAjd18WZ9nYu..TkfvEJUNM-1648704834-0-AVYYzd15Ur3WA0wkpUzQfBNbHITd76sm1KAPzWJ0OxQqDVcjNTQIfKGFSR1TiL0dJXCLkKRHgkpBKs+F8d7bnqY=
.adnxs.com/	1970-01-20 04:08:00	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2HbzJqf8[!@wnf-Te9(>wL5L!!'A7$_Pi*
.adnxs.com/	1970-01-20 04:08:00	Name: uuid2 Value: 3184607067253115155
.t.co/	1970-01-20 19:29:36	Name: muc_ads Value: 25549a1b-d4ff-4796-b383-d547883eb8ae
.linkedin.com/	1970-01-20 02:41:36	Name: UserMatchHistory Value: AQIE1LIkqx1w6gAAAX_ed0ounES_LhP6NkDsrTMn0IDs8OYVsw-Ozg6iQ7_QvOuCzrwk3Ulom3vf6w
.linkedin.com/	1970-01-20 02:41:36	Name: AnalyticsSyncHistory Value: AQIr7jkHSyRqggAAAX_ed0ou_bUMP-_7wftGQmg7ppuzqn9v2zSMnUwd4EB2OKflKtt7pc63PTBIAvZiXP-t8Q
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:30:18	Name: bcookie Value: "v=2&fdea2c2d-6b95-40e4-8907-be0eed1fe36e"
.linkedin.com/	1970-01-20 01:59:51	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2268:u=1:x=1:i=1648704834:t=1648791234:v=2:sig=AQHnbcwIaTPNOmVCnuVySBRPOVk1AihO"
.menlosecurity.com/	1970-01-20 10:44:00	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Mar+31+2022+05%3A33%3A54+GMT%2B0000+(GMT)&version=6.8.0&hosts=&consentId=272ed55e-b72b-4bc1-88d0-ff631d62e25f&interactionCount=0&landingPath=https%3A%2F%2Fwww.menlosecurity.com%2Fblog%2Fheat-attacks-evading-malicious-link-analysis%2F%3Futm_campaign%3D0331ContentNewsletter%26utm_medium%3DEmail%26utm_source%3DOutboundEmail%26mkt_tok%3DMjgxLU9XVi04OTkAAAGDfHrCDhAd_8suAY9uqQfVhNz3sX_aRVuBXB1vMrBb0OL65e8McbkwCYvoXEjF2IjmVn3AIbnE15_0ClQwZv3zJguoux8EOOI5MpsJCC23bQq1&groups=C0003%3A0%2CC0002%3A0%2CC0004%3A0%2CC0001%3A1
.6sc.co/	1970-01-20 19:29:36	Name: 6suuid Value: cfd5ce174b3e0000423d4562d40000008d660501
.menlosecurity.com/	1970-01-20 10:44:00	Name: _hjSessionUser_1854968 Value: eyJpZCI6ImQ5OWI2NWViLTRiYjctNTdjYy05Y2NmLTk2YjE5MGJjOWJhYyIsImNyZWF0ZWQiOjE2NDg3MDQ4MzQxNzcsImV4aXN0aW5nIjpmYWxzZX0=
.menlosecurity.com/	1970-01-20 01:58:26	Name: _hjFirstSeen Value: 1
www.menlosecurity.com/	1970-01-20 01:58:24	Name: _hjIncludedInSessionSample Value: 0
.menlosecurity.com/	1970-01-20 01:58:26	Name: _hjSession_1854968 Value: eyJpZCI6IjJkZDA1NzE2LTQwNWItNGQyMS05MTBkLWFiZmZjY2M0ZmYxOSIsImNyZWF0ZWQiOjE2NDg3MDQ4MzQyNDMsImluU2FtcGxlIjpmYWxzZX0=
www.menlosecurity.com/	1970-01-20 01:58:24	Name: _hjIncludedInPageviewSample Value: 1
.menlosecurity.com/	1970-01-20 01:58:26	Name: _hjAbsoluteSessionInProgress Value: 1
www.menlosecurity.com/	1970-01-20 02:08:29	Name: _an_uid Value: 3184607067253115155
www.menlosecurity.com/	1970-01-20 19:29:36	Name: _gd_visitor Value: e7553afb-21e2-431e-827a-d3ed631d8c26
www.menlosecurity.com/	1970-01-20 01:58:39	Name: _gd_session Value: beab0a3d-0f95-4040-8272-af8f2504d9ec
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 19:30:18	Name: bscookie Value: "v=1&20220331053354ed4443d8-3a4a-4fdc-837c-4d478e7cc573AQEJsUAs6HCvGRJDa9S1KnIwI-Pz2IwL"
.linkedin.com/	1970-01-20 19:26:08	Name: li_gc Value: MTswOzE2NDg3MDQ4MzQ7MjswMjELiiNC+AwCvIDft5HP5W8IISpbqUJHKje+RiLLauZv0g==
www.menlosecurity.com/	1970-01-20 19:29:36	Name: _gd_svisitor Value: cfd5ce174b3e0000423d4562d40000008d660501
info.menlosecurity.com/	1969-12-31 23:59:59	Name: BIGipServersj21web-nginx-app_https Value: !bknJ3Pytdf1WkSkZpELS1flvGHm9g5PnkTM4fJxSQmrNBQdW/PpAqNT+Zt8vCPjDMQuhm4If6tIAQYw=
www.menlosecurity.com/	1970-01-20 01:58:26	Name: drift_campaign_refresh Value: 8869a6fd-05c3-4a78-b3b9-416a686856fa
.menlosecurity.com/	1970-01-20 19:29:36	Name: _fcdscv Value: eyJDdXN0b21lcklkIjoiMTg3ZDIxMDMtYmRjNS00ZTNmLWIwNzAtYjVjNmE0MDAwODQwIiwiVmlzaXRvciI6eyJFbWFpbCI6bnVsbCwiRXh0ZXJuYWxWaXNpdG9ySWQiOiIyZWM0YWE3Ny02ZTViLTQ4MGYtOGU1Zi04MDE1MTgzMGI5NDkifSwiVmlzaXRzIjpbXSwiQWN0aXZpdGllcyI6W10sIkRpYWdub3N0aWNNZXNzYWdlIjpudWxsfQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.6sc.co
bootstrap.api.drift.com
c.6sc.co
cdn.bizible.com
cdn.cookielaw.org
cdnjs.cloudflare.com
d2i34c80a0ftze.cloudfront.net
embeds.driftcdn.com
epsilon.6sense.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
hubfront.hushly.com
ib.adnxs.com
in.hotjar.com
info.menlosecurity.com
j.6sc.co
js.driftt.com
metrics.api.drift.com
pages.menlosecurity.com
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
st.fullcircleinsights.com
static.ads-twitter.com
static.hotjar.com
t.co
trk.techtarget.com
vars.hotjar.com
vc.hotjar.io
www.googletagmanager.com
www.linkedin.com
www.menlosecurity.com
104.17.73.206
104.244.42.69
13.107.42.14
13.224.195.117
13.224.195.37
13.224.195.40
13.224.195.69
13.224.195.94
13.225.80.110
13.225.80.24
141.193.213.21
152.195.15.58
18.185.122.172
185.33.221.87
199.232.136.157
2600:9000:20eb:c400:9:14eb:6280:93a1
2600:9000:21f3:1400:13:a3bc:6800:93a1
2606:4700:10::6814:b844
2606:4700::6810:135e
2606:4700::6810:9540
2606:4700::6812:15c
2620:1ec:21::14
2a00:1450:4001:810::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a02:26f0:3500:7::17d8:4dcc
37.252.173.215
50.16.7.188
52.17.146.14
96.16.137.162
01cbac3c4e6bb2c6e2006fc5b2c60181bb18f6c0e75c3d12e5030508bd0afdfc
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
0c5e96e8c88c27288208f179033eb6d744340aa5280044ee70aa5d1a7aa1bdbf
0e80fa7380340a7651059a8b3d0d8ee3612d68c21a82206eaa5b0322b8263725
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f2f0600ba65c503c4eedf9c0e021a62aa7ed4d31e40cf084330abd371d5661f
11374f38070555c45a2cf29c753bcd7442517ef7d7afdbe2d381f8235efeffcc
14a2c4265faacac42460a034ee607f6f347aa37c12e5577fa31ea51db8295d02
1868a40924e755c2f74d9e00e40a9d2b7e696275456a5a155e5624b99e235535
1c27bb55dc2fe6453e72fdfa7726fc8b74473bbffdbc424df999dc7751bf7ce3
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2b065a0026be768ecfa77a6645a074c5c65a789f2889c1d1c4b22e96fd38f1da
31ff8f9902bf160e0082150a0234d73cb841e348c937d38f095d1eb65034c89d
34681d58d47f031f35460672e44c4f42139fe8bf5cbf21b3d80d501581c5b50f
3ab6f9996dda67dc7d45b35d222f2a953b848ef1fd7ab9314f7cdb7b94328ac2
3afd12d2daae52af0546b186ad6fa6b774ce7377ccdf489c175644a5329cd337
3b8a8c3e723f1d31ce9512ddee97fbf779c311e8c22ce773e38091ae040ed277
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
418f2aef05e4cdff4b33d843aeb31f177adb9279dff392f62f437ce7f26db90f
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
45dfb7e29904225979783d62efbf600377472d8d55c0fd886d7ea9d449387946
487d3252e04d702f033dd508688732af1b78b9a5a604a5699288b652ae9f9b5a
49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44
49e24cf4b8aeab92eae4b748bf8e8c215af6c8a72673183ab241e469f8b1616e
4a1a320a94cd7996a7ba23830f6b1d36ff7cff7cac6a3070d7ef3c69ad72cba2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbb558bcc73c6ec7de1a3bfee854935d2acb54b5055f49347a47fff164c2ce2
4c61668fe02ae42129e33ad07239d82f1b32b5377c57f37e1c36cdaca0dc04a9
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
515cf4f3ecb7b29a157420081881a416eba1520ad6d600077b65f3219c144688
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
5649f632ac00f11cda1639488f93bc40cb1ffc6548e962ce7f5fa5e7184f813d
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
59bdc73e58335ece71b5368b8abb5a7095e83db8896fea48062219cce298d2a5
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5ecb40770d6660265902d8d1f07fe261185877e4359d111c06b865d589907f78
62c994195bf30d1607e2d7b8cc5eaf8d9c30c7f78e6e32eecc676a3f74932e43
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
6a5c1d85da5ccf4daae7b3abe3ace2b4635118fdb8e83dc99c73792811f79839
6acb83378d8b4e5ff3155f6375017ed4d9de0e37775d3106c181cd427730e188
6c45006c40d76e72f40e88dc8e91670aeb859178d60536c3b412f79fe5399b21
6d903221968664d7d217ab70bb3bed366cf56f2112b7963c805177a5564c279e
6f51bbe7b57914a96209c33c6a7a2d21f01b93f346fe27e5349249bc6a991679
709030cab6e33ca60c369554f31becd83dbfe4c17dc37e17aefd3aba8d862d1c
72a08940b0244cc92ff7a52bcd63283786476342395800b92b9f2d4711e9e044
731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1
73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb
76804ce7c33290016aab5c20233482652177c5f47939e851ba6eeb1dcd66e7d7
79c254652bb96247b5470d8d7d30bdef4ae96a7e61743ac4ef6b423502cd8c51
7fac9a43ab09cf21eafe26af20439d52313fa761cf6100c10ef950a6af22f7d4
80a4168da3bfeb8a7a3d725ad6aabafc536c28503e6c053b3b8067fd1b5cd0cb
816c46a84594f82602b025cd8ec01ff53aa85c0a2fc717db761148f3a1e78825
8305d86074fdee76ef38a7e264f3ac0bfab4051d8f13625b4bbd5396120b1fe1
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8a8c0fa1249037db5fc3c80ae9925bb0b1187ac5ad0416a2f984d576f64cb917
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8c22a9791005a4151489b67b078b2c48088e9e532279c14eda6b75b2a635e32b
927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd
958c2ecbdd6c6708cf566ceb9b10ffd133ceef822ce81ef460db8ca29e44bcb5
95a30f324991c2aa65a429ba5a93daef1cd8334aabfe70372c4ba0a1a629785f
99b8371ea5870168fc7d716523111eccc1eb3b9f6d178ca51a84422c2e5d6181
9acb38caafe1e9d1b575ce22fb7af46173b1ab43d8614f0c059240a2523bce4c
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
9e92f9ea0db38a6487f6588e962ed6a06e478237173eca4d0e45b8fe7b86112a
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4b6cd79ba0b20ef9e603a7fbee5f20ceb45e465a7a2222206b3accf124a25da
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
a7d6070b955f11f31a679ff7742f6fe382348f7b71934cf2e8596ef1908c684a
a94d229f7248388a27a33dcd741eb2a7f0765b84fd8422e789900d6d2f2a218e
aaa257569ce437cb17009ec6e1b145eb35c197ec6ec9dd5b7b531e08ec595e93
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1d8469fbf3071c9728df837a0423288aa2a9dda474b48a1e66a5437d49cc819
b43508242f21a59b37bba45231dd25c6c861e079ef05607273c620337e217b9b
b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0
b82be24736519b8e5beb6d622bed3d7f481da9bacf8374352065d1cf252dc244
b8bc4ed1493c1977120d12182cb046732ffad208a75d936ce32944c7deddddd2
b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838
ba482add0c02c927f05b5078b949334e4d1db145525061a0bb29b70bda92b9c7
baa39db7477eb8b69561c3fb8075f87796ae7281c31ebc5002c67d2c66c80f04
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c14efc4acb97c34b8ae5b0e6575d5181f917f5b6580af40f374dd44f640afa5e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
cbda94666db24554bf77638fc059848d381c3c98f7f24641fa830abcd5793de7
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc9914192e0a743ae5573b812ab10411abd58039f8d1971fcf08f5591a8f2257
cf255b7a14f35ebb498f42619f527cf5c2f0b4b259f2f4d60a1a8d33bc858859
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d31c8324cb19809562244b53cc52b67032e5cb663b758de4cdc5a28169743d99
d3280116d003325bcb8f67f34d4c6f1bd9c5ecde9ddad89ee4f188a48cbaf290
d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4
d68c7d03f5ab05a3f6e0e47a6f63ab78e6c8e77fb6543e4f5882e53ef0986771
d98a02c7ffdc76c11fc0488bf65bc62e1b5a633ffaf140953189105984f6c151
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e1cd92144ff9e7af94bc45cac521e92d5534c7447b4de28afc365dbbf8828658
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0
e99a52151c294c42df9ab0df1048d2403af8d1cf94817c26c706c8d75d002743
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ed84d9abf30b626f827d00e91ba265c59a8d644bc6994c75181e36857d286f1b
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c
f38bfa814ad4096dccf3892ea2c80c4d8b79e5e8ba7043c7c730b2061a2d2102
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fb68c7512046fe75ec3d0c7da9385abd871e8a61c8cb6836c8294669724f2c8c
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

www.menlosecurity.com Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

98 %HTTPS

37 %IPv6

24 Domains

35 Subdomains

30 IPs

5 Countries

2611 kBTransfer

6320 kBSize

32 Cookies

30 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.menlosecurity.com Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

98 %
HTTPS

37 %
IPv6

24
Domains

35
Subdomains

30
IPs

5
Countries

2611 kB
Transfer

6320 kB
Size

32
Cookies

170 HTTP transactions
1 data transactions