www.armorblox.com Open in urlscan Pro
2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=
Effective URL:
https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj...
Submission: On September 19 via api (September 19th 2022, 1:12:27 pm UTC) from US — Scanned from DE

Summary HTTP 221 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 34 domains to perform 221 HTTP transactions. The main IP is 2a05:d014:275:cb01:8d93:e14c:3058:b0f4, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.armorblox.com.
TLS certificate: Issued by R3 on September 18th 2022. Valid for: 3 months.

This is the only time www.armorblox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
66	2a05:d014:275... 2a05:d014:275:cb01:8d93:e14c:3058:b0f4	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2600:9000:205... 2600:9000:2057:3800:f:71f1:7280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	23.205.237.4 23.205.237.4	16625 (AKAMAI-AS) (AKAMAI-AS)
5	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
2	143.204.215.62 143.204.215.62	16509 (AMAZON-02) (AMAZON-02)
2	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1 2	52.30.214.212 52.30.214.212	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
6	104.16.93.80 104.16.93.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.24 65.9.66.24	16509 (AMAZON-02) (AMAZON-02)
8	96.16.137.162 96.16.137.162	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	34.195.229.137 34.195.229.137	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
2	52.58.117.7 52.58.117.7	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1ecd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 4	35.168.171.75 35.168.171.75	14618 (AMAZON-AES) (AMAZON-AES)
1	44.205.92.219 44.205.92.219	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.255.225.203 34.255.225.203	16509 (AMAZON-02) (AMAZON-02)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
61	99.86.4.46 99.86.4.46	16509 (AMAZON-02) (AMAZON-02)
2	50.16.7.188 50.16.7.188	() ()
2	54.147.21.139 54.147.21.139	() ()
221	41

1 104.17.73.206 (None, )

ASN13335 (CLOUDFLARENET, US)

em.armorblox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 2a05:d014:275:cb01:8d93:e14c:3058:b0f4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

www.armorblox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:2057:3800:f:71f1:7280:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.armorblox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.237.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-237-4.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-62.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

metadata-static-files.sfo2.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.214.212 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-214-212.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

176-xmj-030.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.93.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-sj27.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-24.fra56.r.cloudfront.net

api.storyblok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 96.16.137.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-137-162.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.195.229.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-229-137.compute-1.amazonaws.com

analytics.humanautomation.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.117.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-117-7.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1ecd (United States)

ASN13335 (CLOUDFLARENET, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.168.171.75 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-171-75.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.205.92.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-92-219.compute-1.amazonaws.com

hemsync.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.225.203 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-225-203.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 99.86.4.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-46.fra6.r.cloudfront.net

rc-animation-feature.js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.7.188 (None, )

ASN- ()

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.21.139 (None, )

ASN- ()

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	armorblox.com em.armorblox.com www.armorblox.com assets.armorblox.com	6 MB
63	driftt.com js.driftt.com — Cisco Umbrella Rank: 4993 rc-animation-feature.js.driftt.com	793 KB
8	6sc.co j.6sc.co — Cisco Umbrella Rank: 6334 c.6sc.co — Cisco Umbrella Rank: 9557 b.6sc.co — Cisco Umbrella Rank: 4416	13 KB
6	clickagy.com 3 redirects tags.clickagy.com — Cisco Umbrella Rank: 6675 aorta.clickagy.com — Cisco Umbrella Rank: 1502 hemsync.clickagy.com — Cisco Umbrella Rank: 5955	16 KB
6	marketo.com app-sj27.marketo.com — Cisco Umbrella Rank: 225024	143 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	61 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 430 p.typekit.net — Cisco Umbrella Rank: 577	138 KB
4	drift.com metrics.api.drift.com bootstrap.api.drift.com	366 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 394 www.linkedin.com — Cisco Umbrella Rank: 623 px4.ads.linkedin.com — Cisco Umbrella Rank: 6198	4 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 7221	64 KB
3	humanautomation.ai analytics.humanautomation.ai — Cisco Umbrella Rank: 310322	24 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6352	719 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	629 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	3 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	427 B
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 11205	429 B
2	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 624	521 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	54 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	111 KB
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 6762	1 KB
2	digitaloceanspaces.com metadata-static-files.sfo2.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 32800	12 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 2665	6 KB
2	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 410	8 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 561	98 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 501	227 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 432	705 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4816	2 KB
1	storyblok.com api.storyblok.com — Cisco Umbrella Rank: 85868	23 KB
1	mktoresp.com 176-xmj-030.mktoresp.com	318 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 9270	204 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	16 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 769	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	81 KB
221	34

	Domain	Requested by
66	www.armorblox.com	em.armorblox.com www.armorblox.com cdn.bizible.com
61	rc-animation-feature.js.driftt.com	js.driftt.com rc-animation-feature.js.driftt.com
16	assets.armorblox.com	www.armorblox.com
6	b.6sc.co	www.armorblox.com
6	app-sj27.marketo.com	www.armorblox.com app-sj27.marketo.com
5	www.google-analytics.com	www.googletagmanager.com www.armorblox.com
4	aorta.clickagy.com	3 redirects cdn.bizible.com
4	cdn.bizible.com	www.googletagmanager.com www.armorblox.com cdn.bizible.com
4	use.typekit.net	www.armorblox.com use.typekit.net
3	analytics.humanautomation.ai	em.armorblox.com analytics.humanautomation.ai
3	www.google.de	www.armorblox.com
3	www.google.com	www.armorblox.com
2	bootstrap.api.drift.com	rc-animation-feature.js.driftt.com
2	metrics.api.drift.com	rc-animation-feature.js.driftt.com
2	dpm.demdex.net	2 redirects
2	www.facebook.com	www.armorblox.com
2	epsilon.6sense.com	cdn.bizible.com
2	insight.adsrvr.org	www.armorblox.com
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	connect.facebook.net	em.armorblox.com connect.facebook.net
2	googleads.g.doubleclick.net	www.googleadservices.com
2	px.ads.linkedin.com	2 redirects
2	segment.prod.bidr.io	1 redirects www.armorblox.com
2	metadata-static-files.sfo2.cdn.digitaloceanspaces.com	em.armorblox.com
2	js.driftt.com	em.armorblox.com
2	munchkin.marketo.net	em.armorblox.com munchkin.marketo.net
2	cdn.cookielaw.org	www.armorblox.com cdn.cookielaw.org
1	id.rlcdn.com	www.armorblox.com
1	stags.bluekai.com	www.armorblox.com
1	hemsync.clickagy.com	cdn.bizible.com
1	tags.clickagy.com	ws.zoominfo.com
1	c.6sc.co	cdn.bizible.com
1	secure.adnxs.com	cdn.bizible.com
1	ws.zoominfo.com	em.armorblox.com
1	j.6sc.co	em.armorblox.com
1	api.storyblok.com	cdn.bizible.com
1	176-xmj-030.mktoresp.com	munchkin.marketo.net
1	stats.g.doubleclick.net	cdn.bizible.com
1	cdn.bizibly.com	www.armorblox.com
1	px4.ads.linkedin.com	www.armorblox.com
1	www.linkedin.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	www.googletagmanager.com	www.armorblox.com
1	em.armorblox.com
221	46

This site contains links to these domains. Also see Links.

Domain
get.armorblox.com
docs.microsoft.com
www.youtube.com
www.linkedin.com
www.facebook.com
www.twitter.com
armorblox.atlassian.net

Subject Issuer	Validity	Valid
em.armorblox.com Cloudflare Inc ECC CA-3	`2021-12-07` - `2022-12-06`	a year	crt.sh
armorblox.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
assets.armorblox.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-30` - `2023-07-31`	a year	crt.sh
drift.com Amazon	`2022-08-24` - `2023-09-21`	a year	crt.sh
*.sfo2.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-05-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
app-sj27.marketo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.storyblok.com Amazon	`2022-08-18` - `2023-09-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-28` - `2022-09-26`	3 months	crt.sh
analytics.humanautomation.ai Amazon	`2022-02-25` - `2023-03-26`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.6sense.com Amazon	`2022-05-31` - `2023-06-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-13` - `2023-08-13`	a year	crt.sh
*.clickagy.com Amazon	`2021-12-15` - `2023-01-12`	a year	crt.sh
*.drift.com Amazon	`2022-08-02` - `2023-08-31`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Frame ID: CBB3197BA2DB566CC853774E2CCF2744
Requests: 155 HTTP requests in this frame

Frame: https://app-sj27.marketo.com/index.php/form/XDFrame
Frame ID: AA99EA671D1A0013992744C74556A32B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C110F059D5EE6F0A42602392664B83F0
Requests: 1 HTTP requests in this frame

Frame: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: 3D3700B8EAE5CA920E0F80CFFB2DB9D3
Requests: 31 HTTP requests in this frame

Frame: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
Frame ID: 8A33F049E4DAE15A4EC25954CCC33143
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blox Tales #11: Netflix Credential Phishing

Page URL History Show full URLs

https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3Y... Page URL
https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQ... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Marketo Forms (Widgets) Expand

Overall confidence: 100%
Detected patterns

marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

221
Requests

98 %
HTTPS

43 %
IPv6

34
Domains

46
Subdomains

41
IPs

5
Countries

7434 kB
Transfer

16742 kB
Size

41
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://get.armorblox.com/email-risk-assessment
Title: Free risk assessment

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/exchange-online-protection-overview?view=o365-worldwide
Title: Office 365 Exchange Online Protection

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCe1HUDYd6ZR4kwINgVWdRkA/featured

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/armorbloxinc/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/armorblox/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/armorblox

Search URL Search Domain Scan URL

URL: https://armorblox.atlassian.net/servicedesk/customer/portal/4
Title: Contact Support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY= Page URL
https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1

Request Chain 70

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593140604&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1814324%26time%3D1663593140604%26url%3Dhttps%253A%252F%252Fwww.armorblox.com%252Fblog%252Fblox-tales-netflix-credential-phishing%252F%253Fmkt_tok%253DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593140604&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593140604&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&liSync=true&e_ipv6=AQLOOzeSKgpQ5AAAAYNV4NOoMj_vDYecDKgN3fetVgqDpqNQhV-FSFwQLQ82hRH4oLL6kr8

Request Chain 147

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag HTTP 302
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:4f168b72d145fa83fcf1e7b3d3e7dc2e&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:4f168b72d145fa83fcf1e7b3d3e7dc2e&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=68906169514606781860837220216730023510 HTTP 302
https://stags.bluekai.com/site/51557?id=c:4f168b72d145fa83fcf1e7b3d3e7dc2e&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1

Request Chain 148

https://aorta.clickagy.com/liveramp_redir HTTP 302
https://id.rlcdn.com/711861.gif

221 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=
em.armorblox.com/ 558 B
1 KB 367ms
322ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-MLi34NzG9e/W7kXEKeJEq+pDUaOgXmUOjDqLzrysGYg=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 74d292821c1c6931-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-MLi34NzG9e/W7kXEKeJEq+pDUaOgXmUOjDqLzrysGYg=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Mon, 19 Sep 2022 13:12:19 GMT
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
x-request-id: ca2267ae8290bec4

GET
H2 200 Primary Request / Show response
www.armorblox.com/blog/blox-tales-netflix-credential-phishing/ 88 KB
22 KB 260ms
133ms Document
text/html 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

6fb157dac2d6ccd2be331cc55e25534ae33cca5e7078fbc89576450e954a156d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://em.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 13:12:20 GMT
etag: "cfcc030d23396a5d1ebca4ab36b60fce-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GDAY1KRJDQCHWXGPA277H76F
x-xss-protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 96ms
47ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 19 Sep 2022 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7BKk7WQU1Z9EDMZmf1T6Vg==
age: 12898
vary: Accept-Encoding
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Thu, 15 Sep 2022 18:22:15 GMT
server: cloudflare
etag: 0x8DA974737287FBC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5bd43f01-f01e-006a-3736-c9844d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74d2928649d301eb-ZRH

GET
H2 200 jvs4ixc.css
use.typekit.net/ 3 KB
956 B 120ms
33ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/jvs4ixc.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fb54ec2c7611cd695804c36982789e9595d5bd6bdfee1571e7918485eb82c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Mon, 19 Sep 2022 13:12:20 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 724

GET
H2 200 webpack-runtime-d8318743b6b92913b350.js Show response
www.armorblox.com/ 5 KB
2 KB 45ms
38ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/webpack-runtime-d8318743b6b92913b350.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

f1890ff50be4ff79cf7cb28fed7df1839a7d430a9c31094810ec4ea8e5b2fffe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KXRWBG5PFHZF8QNVEG9
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 104154
etag: "7175dfea5eaa6f4c8a10c49da3955951-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:26 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2086
x-xss-protection: 1; mode=block

GET
H2 200 framework-c35e70fad454c434ae6b.js Show response
www.armorblox.com/ 127 KB
41 KB 30ms
23ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/framework-c35e70fad454c434ae6b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

daa698c8bbff0f8896f590e544f06c470d03af0dc6d7ecdec4b98e5f6580df5f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KXR7FHVSQYQSYYQ65V7
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 104154
etag: "a8a6863aa2bfc86f87e9f673e9b6f860-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:26 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 42145
x-xss-protection: 1; mode=block

GET
H2 200 app-2759e81c69034ed02618.js Show response
www.armorblox.com/ 60 KB
19 KB 27ms
20ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/app-2759e81c69034ed02618.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

cb17ab922f4d5724f0a90ff0115610a966674e21428fa20b089f496a21cdf71d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KXREC97H4KVSQPXSSNA
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 104154
etag: "03b92a58bce8cd2566ab17b51cdad94a-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:26 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18792
x-xss-protection: 1; mode=block

GET
H2 200 styles-e9d24b1846c7d6eb9685.js Show response
www.armorblox.com/ 117 B
208 B 29ms
22ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/styles-e9d24b1846c7d6eb9685.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

dba17f1b29b3b3637d709f951023ea1655b08c6b4f40fd612c5e927ba72829fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KXR5MD4M3AP4M6FKG25
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 96479
etag: "4e47c94435c6f8cd7757b3c4c1c8a2f0-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:21 GMT
accept-ranges: bytes
content-length: 117
x-xss-protection: 1; mode=block

GET
H2 200 252f366e-878adcd77ff7fad27068.js Show response
www.armorblox.com/ 877 B
965 B 27ms
21ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/252f366e-878adcd77ff7fad27068.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

89bedf9a0b818f5271c43462a30b5574c4dc36f2c79838902d03f005be824c0d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KXRT42GGKRMXNEK4GY0
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 104154
etag: "21d00b364ad7be16fc01c26b9ad7b804-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:26 GMT
accept-ranges: bytes
content-length: 877
x-xss-protection: 1; mode=block

GET
H2 200 78e521c3-38c3d291d904954b5308.js Show response
www.armorblox.com/ 621 B
708 B 58ms
52ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/78e521c3-38c3d291d904954b5308.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e4a3280211b5fd200c4d4d043763886820517771353f9fef82a88c52ab5855a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KXRKJVHWSVHEAM1P3MZ
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 104154
etag: "68a21c67246d61f0b61b7ce94fc6b5c6-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:26 GMT
accept-ranges: bytes
content-length: 621
x-xss-protection: 1; mode=block

GET
H2 200 1bfc9850-747a3e29b4cec7049a2c.js Show response
www.armorblox.com/ 2 KB
1 KB 59ms
53ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/1bfc9850-747a3e29b4cec7049a2c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

6a8f5d3db22e41774d495f5590e386c65e45ee9d6e3019ade87e5a5f9eadf5b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KXRMPV30Z3K2A0AYR15
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 62599
etag: "a039afcfeab1db594d24bf2f01be8170-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 19:49:02 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1169
x-xss-protection: 1; mode=block

GET
H2 200 ae51ba48-e6ed8a47419732d3a4f8.js Show response
www.armorblox.com/ 607 B
723 B 27ms
22ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/ae51ba48-e6ed8a47419732d3a4f8.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

9ab17804e34a235e778a2fcad45aac8737900071ecc51aeb9b944942faddb8a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KXRFE3RPRGCBZGAR0JA
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 96480
etag: "fffd344963cd70e183859062aae6db03-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:21 GMT
accept-ranges: bytes
content-length: 607
x-xss-protection: 1; mode=block

GET
H2 200 3d360dac-197c1f96ffca55a9d033.js Show response
www.armorblox.com/ 345 KB
89 KB 42ms
37ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/3d360dac-197c1f96ffca55a9d033.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e416bac21f51ef7a9aa172a4c2f761846cb36fe6ae55b6439a6db80b3ff548ad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KXRKP04M58VH7YYA73Z
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 62599
etag: "31ad224a3d00395901ff5cfee45111b8-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 19:49:02 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 91426
x-xss-protection: 1; mode=block

GET
H2 200 629e4ffc-1c5d96352745684bfb96.js Show response
www.armorblox.com/ 606 KB
314 KB 59ms
54ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/629e4ffc-1c5d96352745684bfb96.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e833fbc02878a06d85aa9e8378e939c676f085fbe2d7d385c85450538bfcbc92

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KXR3G5KS55ZYKW7F8BV
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 104152
etag: "c8bd496380c82e13d91c6a87324575f2-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:29 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 320810
x-xss-protection: 1; mode=block

GET
H2 200 31664189-21a22dc27022fc7662f7.js Show response
www.armorblox.com/ 2 KB
1 KB 72ms
67ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/31664189-21a22dc27022fc7662f7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

03f8a6e311621073ef87440db078abf904e8b830e51fa2a39188ce5915531e68

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8CRB4D8YPVXV8ZYVN
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 104152
etag: "951383096c4a29a407644a61a815a06f-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:29 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1189
x-xss-protection: 1; mode=block

GET
H2 200 05bddfcc-cef3482026f07fef8c7f.js Show response
www.armorblox.com/ 217 B
303 B 60ms
54ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/05bddfcc-cef3482026f07fef8c7f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

b726950d58a01f4ff987fc29a610f871b1055f749185e626a4b1916f968f1bb5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8V2EK72SS0AM408X9
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 104152
etag: "b1c7638ce050c9deddafb22cf07edca9-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:29 GMT
accept-ranges: bytes
content-length: 217
x-xss-protection: 1; mode=block

GET
H2 200 a4c92b5b-570fdb38251a4efdf646.js Show response
www.armorblox.com/ 132 KB
33 KB 73ms
68ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/a4c92b5b-570fdb38251a4efdf646.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

5e206d921645cdd77ae1c4fb411bf3d04032d350cddadeb6888dd566ae1d5095

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8D9JVYQ2N4DPQCT3Y
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 104149
etag: "eb3f2f9c23f2fae56714fbab50feea47-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:32 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 33853
x-xss-protection: 1; mode=block

GET
H2 200 d64684d8-61b9f5b8dac28b8c654b.js Show response
www.armorblox.com/ 505 B
622 B 60ms
55ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/d64684d8-61b9f5b8dac28b8c654b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

eaf1df68503e4437806bb51d28eefe54beeebdf13684a25f2d6a9a86ee96dc32

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8RRCZ8X2W58F1TKVD
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 104149
etag: "ffb7342c734dd147905c2ee3e46ece4c-ssl"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:32 GMT
accept-ranges: bytes
content-length: 505
x-xss-protection: 1; mode=block

GET
H2 200 e8975190-80cdbb1cdf9a33e66010.js Show response
www.armorblox.com/ 168 KB
22 KB 74ms
69ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/e8975190-80cdbb1cdf9a33e66010.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a58dbc67f90f6006af9638b454c3cc2d65cc7125947095587ea7c4b372b11aeb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8VQ2WGWQGXT2GY4F7
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 104149
etag: "44a5ffba18976b48dd60af6be975146c-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:32 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 22238
x-xss-protection: 1; mode=block

GET
H2 200 commons-53bd057bcb8b6db9f0ac.js Show response
www.armorblox.com/ 187 KB
65 KB 61ms
56ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/commons-53bd057bcb8b6db9f0ac.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

5609cd1f7eecd11ee97aac287f6d44f91cb1c19f16d6fa11fd82acab3eb9cb75

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY87VKZTV5Y9S09BAX6
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 104148
etag: "2c4ce318dd5c5da4ed12ccd014aa31cf-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:33 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 66733
x-xss-protection: 1; mode=block

GET
H2 200 cb2850d0e5c937a7e805dcf7085da3aca12fa612-b87894f87a8241fd9dbb.js Show response
www.armorblox.com/ 1 MB
370 KB 74ms
69ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/cb2850d0e5c937a7e805dcf7085da3aca12fa612-b87894f87a8241fd9dbb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e5035c8d058e1c25449d6d4852b063de6329a8b4a73dc84f94fbb405f8967d35

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8VC5S445W45V5D7DD
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 62599
etag: "992d398ab821cc537fb1d7919560c5ee-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 19:49:02 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 378392
x-xss-protection: 1; mode=block

GET
H2 200 component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js Show response
www.armorblox.com/ 1 KB
701 B 76ms
72ms Script
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

9a955a830fe4c3916de9ff562a0b8b315e40a862dadd9e456b3266ebb1131497

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8B94XTACDWPKM1G9A
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96480
etag: "2d0811591db3318cce645b6711f1a16e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:21 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 584
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/blog/blox-tales-netflix-credential-phishing/ 30 KB
8 KB 383ms
379ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/blox-tales-netflix-credential-phishing/page-data.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

4220b911e738c2f8bba237c1e36999914165cd1fa8a1dea1240a87fc461f5f65

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8TXFPZKAEFBP8SCD0
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "6208b5bcf4720bcd5fe13ce65647604c-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 13:12:20 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 1199463856.json
www.armorblox.com/page-data/sq/d/ 2 MB
394 KB 85ms
82ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/1199463856.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a40b9fa9a7440c38759c2c8402474e113d3956bb08b77159a4791864d5fb3345

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8ATRTANWD25ZG9NFT
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 62599
etag: "f22f1cfda0effd70d43ce9f3a1393417-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 19:49:02 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 403201
x-xss-protection: 1; mode=block

GET
H2 200 1347410642.json
www.armorblox.com/page-data/sq/d/ 34 KB
6 KB 88ms
84ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/1347410642.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

f1d2fc79d147c71aa167b407a47319b8c856948b3200705890a96b312ddf1664

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY881EEBKWE5KYV1QCS
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 62599
etag: "ab0203806dc59f8875dd7f91347c6bd7-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 19:49:02 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 6017
x-xss-protection: 1; mode=block

GET
H2 200 1764408108.json
www.armorblox.com/page-data/sq/d/ 148 KB
36 KB 89ms
85ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/1764408108.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

b3d5b4be6e7a2889c7f7b173472375ce3b2da6033948af5a4484bb7530f06552

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8ZCXN8M01PECA81KD
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 62599
etag: "c45e2dde85c36b6ef33ae9ed7634b313-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 19:49:02 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 36567
x-xss-protection: 1; mode=block

GET
H2 200 1832314599.json
www.armorblox.com/page-data/sq/d/ 149 KB
36 KB 91ms
87ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/1832314599.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

1d974f1e1e970e41c63cb0e33398d884db88acac2ba98ec8b9a8df204fd310fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY80BBX112NM0PD42AB
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 62599
etag: "47e9bdd8f6d48a971190f3f8b959ab3c-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 19:49:02 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 36675
x-xss-protection: 1; mode=block

GET
H2 200 2204046486.json
www.armorblox.com/page-data/sq/d/ 43 B
129 B 91ms
88ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/2204046486.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

4dbd2d6a9d8933cdd26df1809257010c691bdedc772dd8287e26cdd8963ccbca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8HJP22017NSN8S8CY
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 96480
etag: "7a24ccbfda83f0e7500f61ee8c02de4a-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:21 GMT
accept-ranges: bytes
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 2493646278.json
www.armorblox.com/page-data/sq/d/ 422 B
536 B 91ms
88ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/2493646278.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

2bc74d8ac684c2c07dc2c4c8d3df18d6f350631954a49fb342eac5aa13dda267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY82DNJYB71Q7TSYQH7
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 104141
etag: "abaa6108b4739bc00b6bc939a40bb9b7-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:40 GMT
accept-ranges: bytes
content-length: 422
x-xss-protection: 1; mode=block

GET
H2 200 2732447379.json
www.armorblox.com/page-data/sq/d/ 64 KB
19 KB 102ms
99ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/2732447379.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

85309942cee52cab47e92148f4c21f15984a1e08a6ed7cbb63e275cabd3dc075

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY806EJE67XGDZQR61D
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 104136
etag: "6e226d2de0b26b397a5d962fd6fc1f37-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:44 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18836
x-xss-protection: 1; mode=block

GET
H2 200 2932681485.json
www.armorblox.com/page-data/sq/d/ 70 B
156 B 109ms
106ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/2932681485.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

78df6e891c6153241987a2beb3ae39271274a094c36de4922cdc69a23b4811b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8JNJ4GK2HT2BD73AN
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 104136
etag: "3cecab4f00ff69d710bf2664e4e24ff4-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:44 GMT
accept-ranges: bytes
content-length: 70
x-xss-protection: 1; mode=block

GET
H2 200 3040308473.json
www.armorblox.com/page-data/sq/d/ 2 MB
439 KB 110ms
108ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3040308473.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

71b0089d7c527e6a7531b790e4506f3b2705f5cbb8b3f95a5ceef1fa55cf9338

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY9XR0APA5K19JMDYQF
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 104136
etag: "a8f7633408f4040faaa9290cb5b3254e-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:44 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 449451
x-xss-protection: 1; mode=block

GET
H2 200 3323934922.json
www.armorblox.com/page-data/sq/d/ 590 B
678 B 112ms
109ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3323934922.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a88cd5d2766532b8d722540581011ad2fe22441f7ec0db584d86dea3787f2fa9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY80MXFZJ3667GM9AKB
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 104136
etag: "3962cda75141ac7d71585dd135b5f385-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:44 GMT
accept-ranges: bytes
content-length: 590
x-xss-protection: 1; mode=block

GET
H2 200 3447689480.json
www.armorblox.com/page-data/sq/d/ 3 KB
721 B 120ms
117ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3447689480.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

273b9dc19af04ac2dd618b4b6ae690c2bf7bde4715d13a48126a75b68eebaeb3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8S0Z7EDS0B2E756H4
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 104136
etag: "aeec773a3b5b72960ee83cedc4129fbc-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:44 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 630
x-xss-protection: 1; mode=block

GET
H2 200 3475154746.json
www.armorblox.com/page-data/sq/d/ 40 KB
8 KB 122ms
120ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3475154746.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

260c3eb2159e04ce0d647d9beb0e3f2758a82136ea5806d32ea3c50d1b2d8d3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8HZ2413D5HR771VYS
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
server: Netlify
age: 104136
etag: "148d2c752cfd2b8b379f1a8e8eec4b57-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 08:16:44 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7645
x-xss-protection: 1; mode=block

GET
H2 200 3627728446.json
www.armorblox.com/page-data/sq/d/ 32 KB
5 KB 122ms
120ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/3627728446.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

8b29ef7adac993a0cb8042dcb6705fe6e6b13ae8d3c4bf2f6579aa6ae90ae534

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8KMWTBBY1AF1KGV67
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 62598
etag: "673d8f63b45fe642d30e3504409603f5-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 19:49:02 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5351
x-xss-protection: 1; mode=block

GET
H2 200 4183231755.json
www.armorblox.com/page-data/sq/d/ 2 MB
387 KB 125ms
122ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/sq/d/4183231755.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

8f27cedaf17cda78d6e31b33e5bf69837621e7f41d1aaaf2305ab154cc33064e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY89TVZNF5QCBT5Z7RE
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 62599
etag: "f1c38602db5ca63ea1a691ada6043742-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 19:49:02 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 395576
x-xss-protection: 1; mode=block

GET
H2 200 app-data.json
www.armorblox.com/page-data/ 50 B
166 B 125ms
123ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/app-data.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

15d69b5673cf488a9115372ebf1c3c3410cc5f9aaf58b283ec5c450aa9eb3d0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1KY8AMJWTBMEXA7V78YS
content-security-policy: frame-ancestors 'none'
server: Netlify
age: 96479
etag: "4b89934db09ddbc79606e1d20a6b879d-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
accept-ranges: bytes
content-length: 50
x-xss-protection: 1; mode=block

GET
H2 200 netflix-credential-phishing-thumbnail.png
assets.armorblox.com/f/52352/960x540/e0bf661e4a/ 14 KB
14 KB 480ms
392ms Image
image/png 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/960x540/e0bf661e4a/netflix-credential-phishing-thumbnail.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae67e45cd6461f3b5066ec7092c7b75d782741091fe7d7a852f09090a41bb470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: .vOlEhmLX3cqBdKZiYKFNJ7u.yfR8MJ1
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "8dcae63f6b2ce11aab0826f4d2c7b5b1"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 14061
last-modified: Tue, 21 Jul 2020 00:46:36 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wY8nXfg1eAGCtJdJrsh62TvvMh4rgs9zEoJQXVHjm1WjvhIljN3fKg==
expires: Wed, 21 Jul 2021 00:46:35 GMT

GET
H2 200 netflix-credential-phishing-attack-flow.png
assets.armorblox.com/f/52352/1268x714/6b240e7a2c/ 614 KB
616 KB 572ms
485ms Image
image/png 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/1268x714/6b240e7a2c/netflix-credential-phishing-attack-flow.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08f2c07d0512cf4fded20fafb75e78d1ec3f9f40b739c1c04a72f18566c762a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: N3LBHMPyBQ45gXSgeMaivGJxGHx5MYyn
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "7f881f9c345e5f6bda3d2df2cab07d98"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 629164
last-modified: Tue, 21 Jul 2020 17:10:37 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5hMOL54pDnyCeXhATGur2Xs4zm9ZeclsF7gE6k5PRBIui8DHXslabw==
expires: Wed, 21 Jul 2021 17:10:36 GMT

GET
H2 200 netflix-phishing-email-body-final.png
assets.armorblox.com/f/52352/545x482/5f2f64ad57/ 59 KB
59 KB 489ms
402ms Image
image/png 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/545x482/5f2f64ad57/netflix-phishing-email-body-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 792506c76d7f282c24ae785c306e1027e4238d09ffdd2c33df7a6cbb5fe4e43b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: apuSvUMscZh5xlJJoQqsKLKFj7IuaFVe
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "1062ea047b3530f590943c24444d9a43"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 60055
last-modified: Tue, 21 Jul 2020 17:12:47 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9KCEK4m9v_tF_xvwltbbG9R5kvLjmFWajS-ait3PLfhRidORqwo-Lg==
expires: Wed, 21 Jul 2021 17:12:46 GMT

GET
H2 200 netflix-captcha-final.png
assets.armorblox.com/f/52352/529x384/bd43a21fb5/ 16 KB
17 KB 476ms
389ms Image
image/png 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/529x384/bd43a21fb5/netflix-captcha-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bcc8bb2f2e6001f7731f1b972e939012587a465345af843c6ab9a9c461aeb8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: y1qdSGVHKj7dI8cCfD9rWrqpcV03It0h
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "f2bda5ffcf60436a21cf705eb9307035"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 16669
last-modified: Tue, 21 Jul 2020 00:30:14 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: hOqzS4DVX4OQIomOGRQSEJx6JzyXSeqtEANgFnfBhi0PO8bxWnj30A==
expires: Wed, 21 Jul 2021 00:30:13 GMT

GET
H2 200 whf-netflix-final.png
assets.armorblox.com/f/52352/652x386/c54ef09c4a/ 271 KB
272 KB 571ms
484ms Image
image/png 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/652x386/c54ef09c4a/whf-netflix-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eefeea093168e2e7c715358344b72d9aaf8815d2deb320dcaa934e4d51eb147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: Rz_dbCl_tOV6lHxc91krFoUvDbgnHOV9
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "b38d57f5d5f89e267d65acf88c7b5756"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 277779
last-modified: Tue, 21 Jul 2020 00:31:53 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VZAcPWpp9euurWzM92VuhyZHIexrWvVp2RC1p4kiCUkimdvsD5J--A==
expires: Wed, 21 Jul 2021 00:31:52 GMT

GET
H2 200 netflix-whois-record-final.png
assets.armorblox.com/f/52352/788x285/980a1d052e/ 118 KB
119 KB 572ms
485ms Image
image/png 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/788x285/980a1d052e/netflix-whois-record-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 672eff660abe4418afe333b3314d7145f844762d61b7b2b340f99c71775d7dfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: 9uc3a_H6HiOlHiMt25FkuqoCV2I.EItW
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "d4f343a124ac5ae993e8e8de4400be16"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 121252
last-modified: Tue, 21 Jul 2020 00:32:49 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: W6XxzzzN9Vl09CP1TVNvXGSauw7Jayo-tmkuyjOY0VCTe7mRlMvSOQ==
expires: Wed, 21 Jul 2021 00:32:48 GMT

GET
H2 200 netflix-login-page-final.png
assets.armorblox.com/f/52352/897x571/c0ad2de7a6/ 754 KB
755 KB 421ms
420ms Image
image/png 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/897x571/c0ad2de7a6/netflix-login-page-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edc6475a76eaa61e6c169cfb7bc233e617fb7322904a194355fcbd7e34e61f41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: pdYFfaE5C0swNock1MTONhOZDqg0nPoF
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "7dca10e7ab25a2af58236bb2dfa07ed5"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 772088
last-modified: Tue, 21 Jul 2020 00:34:13 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: XCmJxNsvb9mv9Kxz7KiMtjPslnB9nMhxVwn1DUAIcJ1F1N5z1lzJ5w==
expires: Wed, 21 Jul 2021 00:34:11 GMT

GET
H2 200 netflix-billing-address-final.png
assets.armorblox.com/f/52352/712x571/1cc07c523f/ 597 KB
599 KB 474ms
473ms Image
image/png 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/712x571/1cc07c523f/netflix-billing-address-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c103627751ca38778b802e130cfa523aa0fb47552fada36f9cafca65dc8bf7e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: MBHkMX85oXVIAIbCtsBCqexfhObTnqga
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "ce9df454bfb392c214af5eea697c23e3"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 611556
last-modified: Tue, 21 Jul 2020 00:35:06 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: B1aftp2InXQWi9W7plNTeGdCEGaXgh6luL4WFNomWTS1h2vi9yKS-Q==
expires: Wed, 21 Jul 2021 00:35:05 GMT

GET
H2 200 netflix-payment-page-final.png
assets.armorblox.com/f/52352/724x571/572b19b667/ 629 KB
630 KB 400ms
399ms Image
image/png 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/724x571/572b19b667/netflix-payment-page-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a808a0d38265362afe28171f6ea9eafcd29fe350d2fe54418ca4b9f593707d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: n_VELHOt79bd3wBynyxWjDdRZKcrdDuD
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "b03879bb786edf619e3d2e29669ce9bd"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 643885
last-modified: Tue, 21 Jul 2020 00:35:37 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: hSMD9hYj7Em2JR-Qj2PNcYIFicXHCNeJVHyZCLlWQv6ZTph6at-RTg==
expires: Wed, 21 Jul 2021 00:35:36 GMT

GET
H2 200 netflix-email-header-final.png
assets.armorblox.com/f/52352/1254x304/fec1a461f7/ 66 KB
66 KB 473ms
472ms Image
image/png 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/1254x304/fec1a461f7/netflix-email-header-final.png
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e079894f0fbf15f3eaa5d999e208a2604f5ea85e7e3790013b1e990e01dcf0dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: jbRGS7ZU.D8H2ZJ3rjQDOgFnCbGCgpqU
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "9888c591dc6602beefc051dc460d1f52"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 67299
last-modified: Tue, 21 Jul 2020 00:37:33 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 88J0QluNKaB20ode0gNjtgULsljUoskOMBI-npkZeUlFY-sqy4dmiQ==
expires: Wed, 21 Jul 2021 00:37:31 GMT

GET
H2 200 youtube.svg
assets.armorblox.com/f/52352/x/7453252d4c/ 704 B
1 KB 471ms
470ms Image
image/svg+xml 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/x/7453252d4c/youtube.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b6f9abbe03119dc36e88acddcb8e50d8522352723c5fd5f1e6c0c3426b4ff5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: lbRkzmHrb2xeGv_ziOr8RkpI_LZPvXwB
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "657583ff2e768183a5fb64fb0b9e7d2f"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 704
last-modified: Thu, 24 Jun 2021 18:08:06 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: o1r5iNUnAhINzKNEwoU34SvPFZRNSupiu0LVMdTuWuST8hv0m7QqDg==
expires: Fri, 24 Jun 2022 18:08:05 GMT

GET
H2 200 linkedin.svg
assets.armorblox.com/f/52352/x/155bd1c707/ 812 B
1 KB 472ms
471ms Image
image/svg+xml 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/x/155bd1c707/linkedin.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b75d669453c5377eebafda19b9ae0b4583853a06a5ba817fad8174adacf7fe69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: XsESDOX82cYk.RLqQtoILFecu6jiFmP.
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "21ef1437b68ac009fef5345d7e32ab29"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 812
last-modified: Thu, 24 Jun 2021 18:07:38 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: bSY9GHCUzH8o0rIk8S_B6PY0QcB23VkMJv8ON8NE_R7mUlc95HoMeA==
expires: Fri, 24 Jun 2022 18:07:37 GMT

GET
H2 200 facebook.svg
assets.armorblox.com/f/52352/x/64fd04f4ec/ 534 B
1005 B 474ms
473ms Image
image/svg+xml 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/x/64fd04f4ec/facebook.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 132e0a9dd6275c5353db596f5fec132a5120ff9ad39ab3d27eb4e7ad2b7f9a26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: qiC.VGaumdHq7VFjbEBar5PwE9WXg5jm
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "49954fbdf18ba81327981eab1758dc55"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 534
last-modified: Tue, 29 Jun 2021 00:30:31 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: o83grfmOecKi--6czvjKItJY1Fmm2FRmhqOkc5msTaJHFgkhWepcWQ==
expires: Wed, 29 Jun 2022 00:30:30 GMT

GET
H2 200 twitter.svg
assets.armorblox.com/f/52352/x/e0446ad765/ 963 B
1 KB 473ms
472ms Image
image/svg+xml 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/x/e0446ad765/twitter.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7001ada63b35c370c5c207ef8c85d0ae5bd79c826599f1d2bc36de67a6531ea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: NfDoMuB.euKHPI_VkVpl9j.6PBlb08gC
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "a289a62d76fd458b5967482c532773c9"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 963
last-modified: Thu, 24 Jun 2021 17:59:33 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Qcu7p8AAEU0oAOTikVpBCdncOBvcKsQ5seqlSh-weUbqjHhSp3byUg==
expires: Fri, 24 Jun 2022 17:59:31 GMT

GET
H2 404 7f7cd6ac-ebaf-475e-ab1e-e0e05d364990.json Show response
cdn.cookielaw.org/consent/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990/ 215 B
577 B 121ms
69ms XHR
application/xml 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fa43750cb547f586079eeae5798a3a92b84459973c3afa6dc6c5117ade20e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 4e94c605-701e-00bc-6a29-cccf97000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 74d29286ed03233d-ZRH
expires: Mon, 19 Sep 2022 17:12:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 232 KB
81 KB 81ms
37ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3359e049ccbf9d3a1b8422c8bd9912d0040e7f6a5b807288c39e3699db6d2ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82126
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Sep 2022 13:12:20 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04f9098825e7c5644552ed96fd1e01bba9bd0c074784d085108ffcc889c06f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 341 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5571f1943dcc57dfed00e9e8c9bcd1588d1b9eccceb9c9472219167cdad0e933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 88ms
19ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=jvs4ixc&ht=tk&f=17001.17005.22622.22658&a=85898256&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 19 Sep 2022 13:12:20 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47d0606aac29b8e5df0845350e3fec479cc51387efb7fef9b3c7bb181b8c7a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/3ec29d/00000000000000007735a1b1/30/ 46 KB
47 KB 62ms
15ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3ec29d/00000000000000007735a1b1/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 276ce26603da0a4bf9d16f692e149734aa6a26eb4e56885938cd8c5582c6d423

Request headers

Referer: https://use.typekit.net/jvs4ixc.css
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:20 GMT
server: nginx
etag: "3a10c5262b240475e5bca5e7da48ec50b8a32efc"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47364

GET
H2 200 l
use.typekit.net/af/5d2da8/00000000000000007735a1ac/30/ 48 KB
48 KB 73ms
32ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5d2da8/00000000000000007735a1ac/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3cb45867ace25baa1d6bcd56d05739fa8733cbadd9959fb33c2c038037a8742d

Request headers

Referer: https://use.typekit.net/jvs4ixc.css
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:20 GMT
server: nginx
etag: "c8259a14b519552d38e884fd3c99e38df688eca8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48668

GET
H2 200 l
use.typekit.net/af/d9e6fa/00000000000000007735a1c3/30/ 43 KB
43 KB 55ms
18ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d9e6fa/00000000000000007735a1c3/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d3629679a7b8c5d0d6af84a5aca6ef0e8fb7f966b39c6a64cd584dbeef2ca5ce

Request headers

Referer: https://use.typekit.net/jvs4ixc.css
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:20 GMT
server: nginx
etag: "deedb6e32ad5c2c4c06c04c78a4e7af1ce7e86a4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43648

GET
H2 200 logo_color.svg
assets.armorblox.com/f/52352/775x159/8fa6246e47/ 5 KB
2 KB 405ms
405ms Image
image/svg+xml 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/775x159/8fa6246e47/logo_color.svg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0b8a9530fe420d782e19330e0f0efa1063be86f3ddb516908afcd3ae653ac5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: mz7FuZyYU2Vi0U2XIKm7_i5TkImigldk
content-encoding: gzip
last-modified: Tue, 22 Jan 2019 17:30:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"bd9097047e005ccf1fd3c513042585c6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
cache-control: public; max-age=31536000
date: Mon, 19 Sep 2022 13:12:21 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-id: rn5zLqnUCoU-1UfQTDRGYM-HuApdsRo7hbGfh6Z5v_eiySdPx1Plww==
expires: Wed, 22 Jan 2020 17:30:47 GMT

GET
H2 200 abhishek-photo.jpg
assets.armorblox.com/f/52352/720x960/f3b816ebbc/ 79 KB
80 KB 401ms
401ms Image
image/jpeg 2600:9000:2057:3800:f:71f1:7280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.armorblox.com/f/52352/720x960/f3b816ebbc/abhishek-photo.jpg
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3800:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc1365163acf680a1f6034ea4ffb60b748a7a71ebee3d911989771b4962486d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: Qe8uGuGaixjXrZwpkfil0TFqIk07FO1j
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
etag: "0525b55370c4b740b0923fbab23957db"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 81210
last-modified: Wed, 05 Feb 2020 00:27:00 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 13:12:21 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kQh3IH6cHtQLcuagSSl85fapbMWVgqJEo26jMgIQ_W4yP8_waxmWYw==
expires: Thu, 04 Feb 2021 00:26:59 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 75ms
18ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:20 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=39741
accept-ranges: bytes
content-length: 3063

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 105 KB
41 KB 68ms
24ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-P34TZX3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8eba5a7ceaec1b523c20b1a82dc4226ebbe7931530fed009e97b9df5d9e6367c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41724
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Sep 2022 13:12:20 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 129ms
73ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 13:12:20 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 107ms
37ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 13:12:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 728

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 86ms
15ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: 4120c62c25cd2f9d7f5155aaf84f772c08e18dd1be19e39ed0d866d3916bedce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:20 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 21:24:41 GMT
server: ECS (frb/67D4)
age: 57442
etag: "5ba639149c9d81:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32316

GET
H2 200 ikk2zzg7t3aw.js Show response
js.driftt.com/include/1663593300000/ 214 KB
61 KB 237ms
187ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1663593300000/ikk2zzg7t3aw.js

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

230cef17f8b019c9e5987e1966b3e131c21fa794a0d76b3a4a712fa849dbee58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: N6U5KL_Z1eVcggYSKxAOUng14z.yWLni
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront), 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
etag: W/"7fcb1454db860e57f83119b09d3fdb80"
x-amz-cf-pop: IAD89-P1, FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 21:04:17 GMT
server: nginx
date: Mon, 19 Sep 2022 13:12:20 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true, true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LTLiVFcm588fMU4rLxclMoQ1_Q6U5YGWBU-6CmAjjsuIV5kN_ByaJA==

GET
H2 200 lp.js Show response
metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/ 6 KB
6 KB 167ms
104ms Script
application/x-javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

da5d487f1fe8c4f5bba93bab0b071aed1249cf770ffdbc0144a86a4c2bae3c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:20 GMT
last-modified: Fri, 10 Dec 2021 19:19:18 GMT
x-amz-request-id: tx0000000000000a52c050d-00631fb4cd-3ade62ea-sfo2a
etag: "b407e44b8c40c183ae2c50df3bbcf151"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1663593140.dop250.lo4.t,1663593140.cds277.lo4.hn,1663593140.cds066.lo4.c
content-type: application/x-javascript
cache-control: max-age=33945
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 5673

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1

43 B
793 B

43ms
43ms

Image
image/gif

52.30.214.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1

Requested by

Protocol

HTTP/1.1

Server

52.30.214.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-214-212.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 19 Sep 2022 13:12:20 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1
Date: Mon, 19 Sep 2022 13:12:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593140604&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGG...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1814324%26time%3D1663593140604%26url%3Dhttps%253A%252F%252Fwww.armorblox.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593140604&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGG...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593140604&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAG...

0
265 B

166ms
119ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593140604&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&liSync=true&e_ipv6=AQLOOzeSKgpQ5AAAAYNV4NOoMj_vDYecDKgN3fetVgqDpqNQhV-FSFwQLQ82hRH4oLL6kr8
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E75AF4E2026E4947B0AD5F930B993F31 Ref B: FRAEDGE1206 Ref C: 2022-09-19T13:12:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpB3Y9KgXIgR53oEIVYw==
x-li-fabric: prod-lva1

Redirect headers

date: Mon, 19 Sep 2022 13:12:21 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0FF80837E9994BF5A4EEBF540F90F140 Ref B: FRAEDGE1321 Ref C: 2022-09-19T13:12:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663593140604&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&liSync=true&e_ipv6=AQLOOzeSKgpQ5AAAAYNV4NOoMj_vDYecDKgN3fetVgqDpqNQhV-FSFwQLQ82hRH4oLL6kr8
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpB3Y6dWgif8n1M7Pgtw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 620
date: Mon, 19 Sep 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 19 Sep 2022 15:02:00 GMT

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
304 B 16ms
16ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=https%3A%2F%2Fem.armorblox.com%2F&_biz_h=-1906410348&_biz_u=3a5451e15af243c4db0e22fbcf5430fd&_biz_s=5faefa&_biz_l=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&_biz_t=1663593140637&_biz_i=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&_biz_n=0&rnd=275435&cdn_o=a&_biz_z=1663593140638
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:12:20 GMT
last-modified: Wed, 14 Sep 2022 14:12:01 GMT
server: ECS (frb/6760)
age: 428419
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
204 B 38ms
16ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=3a5451e15af243c4db0e22fbcf5430fd&_biz_s=5faefa&_biz_l=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&_biz_t=1663593140641&_biz_i=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&rnd=539252&cdn_o=a&_biz_z=1663593140641
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:12:20 GMT
last-modified: Thu, 15 Sep 2022 23:58:30 GMT
server: ECS (frb/67C2)
age: 306830
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 34ms
33ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 13:12:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4677
Expires: Wed, 28 Dec 2022 13:12:20 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 87ms
28ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-103936869-1&cid=902420925.1663593141&jid=1987638925&gjid=206043031&_gid=55740921.1663593141&_u=YGBAiEABRAAAAE~&z=780660905

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 19 Sep 2022 13:12:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.armorblox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=832322830&t=pageview&_s=1&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&dr=https%3A%2F%2Fem.armorblox.com%2F&ul=en-us&de=UTF-8&dt=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABR~&jid=1987638925&gjid=206043031&cid=902420925.1663593141&tid=UA-103936869-1&_gid=55740921.1663593141&gtm=2wg9e05DM95KB&z=1843389890

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 18:48:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66251
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
546 B 141ms
140ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=3a5451e15af243c4db0e22fbcf5430fd&_biz_h=-1906410348&cdn_o=a&jsVer=4.22.08.11
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 845e0731bd111cbd53e54d7eaa7802b7ccaceb173d0e97fa8ee4ddecb46eabac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:19 GMT
content-encoding: gzip
server: ECS (frb/6711)
etag: 7951F802
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 218

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/ 3 KB
2 KB 102ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/?random=1663593140674&cv=9&fst=1663593140674&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&auid=1913405463.1663593141&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d94e6105f81b49586250c90894df3e2a71549424fec61a67874f1851bf5c26b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1192
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
176-xmj-030.mktoresp.com/webevents/ 2 B
318 B 822ms
170ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://176-xmj-030.mktoresp.com/webevents/visitWebPage?_mchNc=1663593140682&_mchCn=&_mchId=176-XMJ-030&_mchTk=_mch-armorblox.com-1663593140681-99250&mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&_mchHo=www.armorblox.com&_mchPo=&_mchRu=%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fem.armorblox.com%2F&_mchQp=mkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 13:12:21 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 42ce225d-2a1f-47d3-9c96-85fed72750dc

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 94ms
54ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-103936869-1&cid=902420925.1663593141&jid=1987638925&_u=YGBAiEABRAAAAE~&z=456846964

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:12:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 159ms
120ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-103936869-1&cid=902420925.1663593141&jid=1987638925&_u=YGBAiEABRAAAAE~&z=456846964

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:12:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 forms2.min.js Show response
app-sj27.marketo.com/js/forms2/js/ 208 KB
69 KB 97ms
34ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/cb2850d0e5c937a7e805dcf7085da3aca12fa612-b87894f87a8241fd9dbb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2022 04:27:51 GMT
server: cloudflare
age: 5426
etag: "25e05e2-33e56-5e731742b0ec1"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 74d2928bebe49064-FRA
expires: Mon, 19 Sep 2022 17:12:21 GMT

GET
H2 200 stories Show response
api.storyblok.com/v1/cdn/ 67 KB
23 KB 77ms
20ms XHR
application/json 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.storyblok.com/v1/cdn/stories?token=Qd69ZOZO6sHj2uVQzEsu3gtt&by_uuids=c30cefe9-d11f-4511-9958-5e9a0879a791,623ef6b2-4f7f-4901-9a02-55f797403c9e,f673115e-dd13-4409-9ba6-bc1025704c0b,bb1bb925-f90d-4afd-9e42-ba46883b8ece,c65903fa-9042-472f-b942-6d8fd4c4c0e9,711ed5f7-c3b1-4e20-b751-184bc4811c8a

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-24.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

42a8f795eb7183f35ebfa83536ce0c6bac400c532157b6cd0551ab3952ade5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 10:47:02 GMT
total: 6
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 8719
x-cache: Hit from cloudfront
per-page: 25
content-encoding: gzip
vary: Accept-Encoding,Origin
x-xss-protection: 1; mode=block
x-request-id: 9d14c8f7-d268-4655-9013-b4fc47e31c54
x-runtime: 0.060442
access-control-allow-origin: https://www.armorblox.com
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
etag: W/"42a8f795eb7183f35ebfa83536ce0c6b"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=utf-8
via: 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
access-control-expose-headers: Api-Version, Token, Total, Per-Page
cache-control: max-age=0, public, s-maxage=604800
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
link
x-amz-cf-id: LxSxJfiHP-DN3BXrfXst5ZaC_7NM2VJG68DAvWh6DwUJAp1zZihbSQ==

GET
H3 200 /
www.google.com/pagead/1p-user-list/726574466/ 42 B
64 B 70ms
29ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/726574466/?random=1663593140674&cv=9&fst=1663592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&async=1&fmt=3&is_vtc=1&random=2802459978&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:12:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/726574466/ 42 B
548 B 29ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/726574466/?random=1663593140674&cv=9&fst=1663592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&async=1&fmt=3&is_vtc=1&random=2802459978&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:12:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/ 0
11 KB 29ms
26ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MSZEH239ZXQPF1T21Z3
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96480
etag: "5411a8413360ef760775c56e4d39463f-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10842
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/ 0
9 KB 32ms
29ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MSZHM3S5TY1P22DHKBW
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "7adfe3816bedb0f2c778181f307eaf39-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9523
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/blog/ 0
5 KB 368ms
365ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MSZD35S83RF7AFB15EK
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "93e378674244b50145d530929bf27a92-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 13:12:21 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/industries/education-industry-email-security/ 0
11 KB 28ms
25ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/education-industry-email-security/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MSZX26723197HMJNHZM
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "2102beee383b11bd12978dc7c98dc894-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11288
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/business-email-compromise/ 0
12 KB 32ms
30ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/business-email-compromise/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MSZY4D2F3Z7GA3ZW0K8
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96480
etag: "19b823b1ca4a078af703281aac9ed19e-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11675
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/industries/financial-services-email-security/ 0
11 KB 26ms
23ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/financial-services-email-security/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MSZFET6GCD62SF44EVP
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "752a4f76a8c8be6ec6bd1c268838efcc-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10903
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/email-account-compromise/ 0
11 KB 35ms
32ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/email-account-compromise/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MT0ZC7E6VZK9KMDX69H
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96480
etag: "611164b4f3e5f6c850cc0a1295c23fa8-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11435
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/blog/authors/abhishek-iyer/ 0
5 KB 260ms
258ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/authors/abhishek-iyer/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MSZ04G8871GNAAPNBQC
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "0af76f08c60c10c67c9aa2bbc05c0955-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 13:12:21 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/google/ 0
9 KB 26ms
24ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/google/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MT0YNN75ZG2MV1JKG8Y
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "210096b8cb8a11a5f85dc7b0e12317fa-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9436
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/microsoft/ 0
10 KB 30ms
28ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/microsoft/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MT0ZEJ9TWA16CT4172J
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "bba2c8576f91a1360379ac962b5db331-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9819
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/data-loss-prevention/ 0
11 KB 42ms
40ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/data-loss-prevention/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MTMMPJ2DCJHD4C9603R
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96480
etag: "100732a4b702cab4e7f75c001dc7bb97-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11483
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/industries/healthcare-email-security/ 0
11 KB 61ms
60ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/healthcare-email-security/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MTM8BV3EPHX9Q1M16Y9
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "829212c216ea1ae673a0a4135f797829-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10898
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/customers/ 0
10 KB 43ms
41ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/customers/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MTMNCB7XCERCEXPQ7Z8
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96480
etag: "c6e46550fb0812a1a43fe140e46ee0b8-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10617
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/index/ 0
10 KB 268ms
267ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/index/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MTM6W2SC2H2R3ZW5866
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "60b3ad9d242a39c1f564a9c2a3287bb7-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 13:12:21 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.armorblox.com/page-data/solutions/executive-impersonation/ 0
12 KB 40ms
39ms Other
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/executive-impersonation/page-data.json

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.armorblox.com/
Origin: https://www.armorblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MTM540X2D5MYW0CE93P
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "1e0201d8228407712beb8cac83d7b257-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 12004
x-xss-protection: 1; mode=block

GET
H2 200 6si.min.js Show response
j.6sc.co/ 30 KB
10 KB 72ms
23ms Script
application/javascript 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

b71f76186117ab510aca8eb8208815da837acdd4b29e171c9897993175c28878

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Aug 2022 22:26:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "630402a0-786e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 9594
expires: Mon, 19 Sep 2022 13:12:21 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/ 3 KB
1 KB 137ms
103ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/?random=1663593141053&cv=9&fst=1663593141053&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&auid=1913405463.1663593141&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d96b1c34042991a17f8173648ca9ed1f920efc7bd2b4111432795838919e2a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1192
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 17ms
15ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: 4120c62c25cd2f9d7f5155aaf84f772c08e18dd1be19e39ed0d866d3916bedce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 21:24:41 GMT
server: ECS (frb/67D4)
age: 57443
etag: "5ba639149c9d81:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32316

GET
H2 200 ikk2zzg7t3aw.js Show response
js.driftt.com/include/1663593300000/ 214 KB
61 KB 26ms
15ms Script
application/javascript 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1663593300000/ikk2zzg7t3aw.js

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-62.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

230cef17f8b019c9e5987e1966b3e131c21fa794a0d76b3a4a712fa849dbee58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: N6U5KL_Z1eVcggYSKxAOUng14z.yWLni
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront), 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
etag: W/"7fcb1454db860e57f83119b09d3fdb80"
age: 1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 21:04:17 GMT
server: nginx
date: Mon, 19 Sep 2022 13:12:20 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true, true
x-amz-cf-pop: IAD89-P1, FRA53-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b8XUY_p96TI0KRC8TcBmAVvIGTHtBLQJmoOu1rDMBsP05QbWPwiVCw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 54ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: ZEaQGZbS6fUke4Zwi14JYSsV6gH0YZbskByJRfhzDCJS8ar3F6BBpcAQkoBM23UhL+V6BNjaOz2yKMGDukPd7Q==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 19 Sep 2022 13:12:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 lp.js Show response
metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/ 6 KB
6 KB 44ms
30ms Script
application/x-javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

da5d487f1fe8c4f5bba93bab0b071aed1249cf770ffdbc0144a86a4c2bae3c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
last-modified: Fri, 10 Dec 2021 19:19:18 GMT
x-amz-request-id: tx0000000000000a52c050d-00631fb4cd-3ade62ea-sfo2a
etag: "b407e44b8c40c183ae2c50df3bbcf151"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1663593141.dop250.lo4.t,1663593141.cds277.lo4.hn,1663593141.cds066.lo4.c
content-type: application/x-javascript
cache-control: max-age=33944
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 5673

GET
H2 200 ha-analytics.js Show response
analytics.humanautomation.ai/ 61 KB
20 KB 456ms
218ms Script
application/javascript 34.195.229.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.humanautomation.ai/ha-analytics.js
Requested by: Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.229.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-229-137.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: d3383dd19ed9aad4099c7b406339e82c23385d4d015eba91ec048bbdb8051f25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 02:06:25 GMT
server: nginx/1.20.0
etag: "f3dd-5e80cc28faa40-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 20312

GET
H2 200 ha-analytics-form-tracking.min.js Show response
analytics.humanautomation.ai/ 10 KB
3 KB 345ms
108ms Script
application/javascript 34.195.229.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.humanautomation.ai/ha-analytics-form-tracking.min.js?v=1663593141066
Requested by: Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.229.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-229-137.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 376c16c0f5598f8c744c19291f060232fd0bfa3cd685e7bdbedb5bd1d5779c56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 02:06:25 GMT
server: nginx/1.20.0
etag: "2993-5e80cc28faa40-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3273

GET
H2 200 4MreV1Ai7H5ui5ARpnnT Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 311ms
229ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/4MreV1Ai7H5ui5ARpnnT

Requested by

Host: em.armorblox.com
URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1d5f6b881ea283392a85af5d685749aff241a4458826f5cb40f6747b95717e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 74d2928c4bbe0200-ZRH
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
via: 1.1 google

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 89ms
37ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2d4580826066e1532c01cc968fd02336e372b28773584a80c37801a22445a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 19 Sep 2022 13:12:21 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
15ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=832322830&t=pageview&_s=1&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&dr=https%3A%2F%2Fem.armorblox.com%2F&ul=en-us&de=UTF-8&dt=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABRAAAAE~&jid=&gjid=&cid=902420925.1663593141&tid=UA-103936869-1&_gid=55740921.1663593141&gtm=2wg9e05DM95KB&z=1138573761

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 18:48:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66252
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
260 B 136ms
42ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=pzpbnk3&ct=0:cg0zq4c&fmt=3
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:12:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 93ms
42ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=pzpbnk3&ct=0:g19hf38&fmt=3
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:12:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/industries/financial-services-email-security/ 39 KB
11 KB 25ms
16ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/financial-services-email-security/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

93a805e1e77c07570d61dda3ff689dcf2a205ee1452de272d4a2d17e29c352ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MVAJB043Y5JSRV07YPZ
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "752a4f76a8c8be6ec6bd1c268838efcc-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10903
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/google/ 37 KB
9 KB 27ms
17ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/google/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

dc993be385b63c746e962cc42adb2ba08a67c3c5eafbd08b28014e105aa8c2d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MVBPN1H9BPJV319CXD2
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "210096b8cb8a11a5f85dc7b0e12317fa-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9436
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/industries/education-industry-email-security/ 41 KB
11 KB 27ms
18ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/education-industry-email-security/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ab4f468b462952c0b24e589333f2b18cb4ff05177c3d9353d24e8f44d519d2b3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MVBBM65YPGKKH82GBRE
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "2102beee383b11bd12978dc7c98dc894-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11288
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/ 38 KB
11 KB 44ms
36ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

7affec8282a03eb4eb47780a46e9d8c7f2f5603cfe6be321dd064d03ac60eef3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MVBTB6MVHZ4XPXTX58Q
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96480
etag: "5411a8413360ef760775c56e4d39463f-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10842
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/microsoft/ 40 KB
10 KB 26ms
19ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/microsoft/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

fc1e1b414a41e1039d0995863c848978cead85dd93713dedde86a5f4036f046c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MVB51RE8B4Y8EZH5YCD
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "bba2c8576f91a1360379ac962b5db331-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9819
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/ 38 KB
9 KB 34ms
27ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

c196eda385cab60127300efb93c6ee115a48025ede63f48cdd7c7e2a93f27966

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MVBVKWZR0K3EM7MKYAY
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "7adfe3816bedb0f2c778181f307eaf39-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9523
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/business-email-compromise/ 42 KB
11 KB 24ms
18ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/business-email-compromise/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

df26a4efbeab7bdc6099663f5762fe2b6c6fd53230064e7503104e3a9582fc37

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MVBCHHNHKEPQHF0N8D0
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96480
etag: "19b823b1ca4a078af703281aac9ed19e-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11675
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/email-account-compromise/ 40 KB
11 KB 24ms
18ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/email-account-compromise/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e046beb1e5af3b7941fe46f8a42016dfa89157e68b398da5bb61d49b6eb47bdc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MVB1CFEJE8GJNW79DJD
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96480
etag: "611164b4f3e5f6c850cc0a1295c23fa8-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11435
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/executive-impersonation/ 43 KB
12 KB 25ms
23ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/executive-impersonation/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

2506da391f7bf08d8933cbf783cca162d930429b131903dfdc1bb198a60a821e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MVBD9F91QRKEZVWR11K
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "1e0201d8228407712beb8cac83d7b257-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 12004
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/solutions/data-loss-prevention/ 42 KB
11 KB 26ms
24ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/solutions/data-loss-prevention/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

d42b61b91e910fd6515346f7dd2f09542a3fd2cb080e14ea1a737c414abeb085

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MVBEK882AAATYHK0P5B
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96480
etag: "100732a4b702cab4e7f75c001dc7bb97-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11483
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/customers/ 43 KB
11 KB 19ms
17ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/customers/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

d7166701ae98da2295d5e82857f3d7dc1baa451671130585ef74283729c25874

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MVCNXPXXQRVZ5NMSNQF
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96480
etag: "c6e46550fb0812a1a43fe140e46ee0b8-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10617
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/industries/healthcare-email-security/ 39 KB
11 KB 25ms
16ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/industries/healthcare-email-security/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

42fc1ae55974f761daff6f271095d76b4ebdd16b9c7562960ee5bea66e8ae60c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MW84RW91AEWP8ADNQZ9
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96479
etag: "829212c216ea1ae673a0a4135f797829-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:22 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10898
x-xss-protection: 1; mode=block

GET
H2 200 component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js
www.armorblox.com/ 0
730 B 24ms
17ms Other
application/javascript 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js

Requested by

Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1MW8JZMZD12BKQGEE1XZ
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 96481
etag: "2d0811591db3318cce645b6711f1a16e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
date: Sun, 18 Sep 2022 10:24:21 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 584
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
705 B 70ms
22ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Sep 2022 13:12:21 GMT
X-Proxy-Origin: 146.70.117.118; 146.70.117.118; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ee5e1cba-e9d1-4c3b-b668-4c710c440650
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.armorblox.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
204 B 23ms
23ms XHR
text/html 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-137-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.armorblox.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H3 200 212326003800453 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 212ms
194ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/212326003800453?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

809db6c849488a111554cadd2cf358db4a820e9d908208250be6d155c2aacda2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: LhKJ2rDeyyox2z1qupgrHrwWaJN4axN8aI7xQo4bnlDAG9YEaemVYBfQIhsEMIVNGJo3HLKyzRht/7R3I+qf9g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 19 Sep 2022 13:12:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 getForm Show response
app-sj27.marketo.com/index.php/form/ 3 KB
1 KB 105ms
105ms Script
application/javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-sj27.marketo.com/index.php/form/getForm?munchkinId=176-XMJ-030&form=1082&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F&callback=jQuery112406933441896609218_1663593141153&_=1663593141154
Requested by: Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35d58763def07040da2efd70ec478a5d87b8f6874212896b93c56120651d95b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d2928c5c9f9064-FRA
cached: true
content-type: application/javascript; charset=utf-8

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/a97e97de/www-widgetapi.vflset/ 161 KB
52 KB 50ms
16ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a97e97de/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8ebe7e0bd9830e60f63e57b072cee5ca24937f47519da3176809aa0b697bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53518
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 21:54:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 19 Sep 2023 12:05:58 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 231ms
230ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=783da784-75fc-471f-8527-3b49737360ca&session=01c2c56e-4f9b-4e6f-8024-fa991361e755&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A21%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&pageViewId=b61c9ce0-1e6f-41fa-8c7f-ba539978e2cb&an_uid=0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/726574466/ 42 B
64 B 37ms
36ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/726574466/?random=1663593141053&cv=9&fst=1663592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&async=1&fmt=3&is_vtc=1&random=4158462508&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:12:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/726574466/ 42 B
64 B 66ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/726574466/?random=1663593141053&cv=9&fst=1663592400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&ref=https%3A%2F%2Fem.armorblox.com%2F&tiba=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&async=1&fmt=3&is_vtc=1&random=4158462508&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 13:12:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 forms2.css
app-sj27.marketo.com/js/forms2/css/ 13 KB
3 KB 47ms
46ms Stylesheet
text/css 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 18:54:37 GMT
server: cloudflare
age: 5425
etag: "25e038d-3437-5e66047a81540"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74d2928d0d8d9064-FRA
content-length: 2623
expires: Mon, 19 Sep 2022 17:12:21 GMT

GET
H2 200 forms2-theme-simple.css
app-sj27.marketo.com/js/forms2/css/ 826 B
365 B 30ms
30ms Stylesheet
text/css 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 18:54:37 GMT
server: cloudflare
age: 4377
etag: "1000341-33a-5e66047a81540"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74d2928d0d8e9064-FRA
content-length: 242
expires: Mon, 19 Sep 2022 17:12:21 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 439 B
429 B 58ms
21ms XHR
application/json 52.58.117.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.117.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-117-7.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 268697b8ebe079ad0fa1b732980ae780cebe9b6bfcd060c76b0bd3657c8cf4bb

Request headers

Authorization: Token feeee1c1b8e5fdaa6744704973e2bdfb76df296b
Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.armorblox.com
access-control-allow-credentials: true
content-length: 242

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 65ms
19ms Preflight 52.58.117.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.117.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-117-7.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.armorblox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.armorblox.com
access-control-max-age: 1800
date: Mon, 19 Sep 2022 13:12:21 GMT
server: nginx

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/blog/authors/abhishek-iyer/ 19 KB
5 KB 17ms
17ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/authors/abhishek-iyer/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

5ed7071748f7490216d3f80c420696657ddc7d882d48daac1e9bbe2721840a52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1N26ZKH38Q42JN03QV7Q
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "0af76f08c60c10c67c9aa2bbc05c0955-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 13:12:21 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5040
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/index/ 43 KB
10 KB 16ms
16ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/index/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ffedecaa5ea039ffbdc1cc9d651a4856e08a9f2bbd9e2a5dccefc7cd38e42226

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1N2DNMJVHN2HJYSEWDW0
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "60b3ad9d242a39c1f564a9c2a3287bb7-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 13:12:21 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10292
x-xss-protection: 1; mode=block

GET
H2 200 XDFrame Show response
app-sj27.marketo.com/index.php/form/ Frame AA99 2 KB
882 B 194ms
193ms Document
text/html 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/index.php/form/XDFrame

Requested by

Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78a0c246d0f89264c120505dc030b7aeb15c8290b4025c27054b7103af03f1a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 74d2928d9e5d9064-FRA
content-encoding: gzip
content-length: 652
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 13:12:21 GMT
server: cloudflare
strict-transport-security: max-age=63113904
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 data.js Show response
tags.clickagy.com/ 38 KB
14 KB 176ms
100ms Script
application/javascript 2606:4700::6812:1ecd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by: Host: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/4MreV1Ai7H5ui5ARpnnT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b05f32b262a8ddfa4c0322b0b4b376258b7996177b98d5a1e2b4585d20cba27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 52008
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id: voLTTawX.GcVEDQiIRYzY2txm8P5Ii8i
last-modified: Fri, 16 Sep 2022 04:12:14 GMT
server: cloudflare
etag: W/"9d3ea74a65932cc93f95029e15978232"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6a3cc273c6d3056526b53421b6dd28ea.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
cf-ray: 74d2928e3ed50221-ZRH
x-amz-cf-id: sU2Hp_rP2Sujid763U_j8QbgSle8TWz87cTzd0nFspbijIni6e4a9g==

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 70ms
24ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=212326003800453&ev=PageView&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&rl=https%3A%2F%2Fem.armorblox.com%2F&if=false&ts=1663593141410&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663593141409.1244054168&it=1663593141142&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 19 Sep 2022 13:12:21 GMT

GET
H2 200 page-data.json Show response
www.armorblox.com/page-data/blog/ 20 KB
5 KB 24ms
23ms XHR
application/json 2a05:d014:275:cb01:8d93:e14c:3058:b0f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.armorblox.com/page-data/blog/page-data.json

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

162e18544f336f5335835730a3d017b65749cda68d94de3efafe10d679fa72a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id: 01GDAY1N5MWAZNGXS60K19F4M8
content-security-policy: frame-ancestors 'none'
content-encoding: br
server: Netlify
age: 0
etag: "93e378674244b50145d530929bf27a92-ssl-df"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
date: Mon, 19 Sep 2022 13:12:21 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5449
x-xss-protection: 1; mode=block

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
507 B 339ms
116ms XHR
application/json 35.168.171.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.171.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-171-75.compute-1.amazonaws.com
Software: Aorta/20220915.002ce0217 /
Resource Hash: b52f30e5ee9a5044342e62a44a55a996facb49a19794dc60958f05f62ac2263b

Request headers

Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
server: Aorta/20220915.002ce0217
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.armorblox.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 54deabcd2f29
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 82

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
328 B 336ms
107ms XHR
text/plain 44.205.92.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.92.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-92-219.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.armorblox.com
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

GET
H2

200

51557
stags.bluekai.com/site/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:4f168b72d145fa83fcf1e7b3d3e7dc2e&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:4f168b72d145fa83fcf1e7b3d3e7dc2e&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_U...
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=68906169514606781860837220216730023510
https://stags.bluekai.com/site/51557?id=c:4f168b72d145fa83fcf1e7b3d3e7dc2e&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1

62 B
227 B

283ms
197ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/51557?id=c:4f168b72d145fa83fcf1e7b3d3e7dc2e&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:22 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

Redirect headers

date: Mon, 19 Sep 2022 13:12:22 GMT
server: Aorta/20220915.002ce0217
location: https://stags.bluekai.com/site/51557?id=c:4f168b72d145fa83fcf1e7b3d3e7dc2e&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 26f97b443060
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2

451

711861.gif
id.rlcdn.com/
Redirect Chain

https://aorta.clickagy.com/liveramp_redir
https://id.rlcdn.com/711861.gif

0
98 B

350ms
25ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711861.gif
Requested by: Host: www.armorblox.com
URL: https://www.armorblox.com/blog/blox-tales-netflix-credential-phishing/?mkt_tok=MTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Mon, 19 Sep 2022 13:12:21 GMT
server: Aorta/20220915.002ce0217
location: https://id.rlcdn.com/711861.gif
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 7c0737f56d84
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2 200 forms2.min.js Show response
app-sj27.marketo.com/js/forms2/js/ Frame AA99 208 KB
69 KB 33ms
32ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj27.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/index.php/form/XDFrame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app-sj27.marketo.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2022 04:27:51 GMT
server: cloudflare
age: 5426
etag: "25e05e2-33e56-5e731742b0ec1"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 74d2928ee8429064-FRA
expires: Mon, 19 Sep 2022 17:12:21 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C110 0
18 B 36ms
16ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.armorblox.com
Referer: https://www.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.armorblox.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 13:12:21 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 210ms
209ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=783da784-75fc-471f-8527-3b49737360ca&session=01c2c56e-4f9b-4e6f-8024-fa991361e755&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A21%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&pageViewId=b61c9ce0-1e6f-41fa-8c7f-ba539978e2cb&an_uid=0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:22 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 core Show response
rc-animation-feature.js.driftt.com/ Frame 3D37 2 KB
1 KB 367ms
321ms Document
text/html 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1663593300000/ikk2zzg7t3aw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

5ae33e57bc5a938d3f2fc4b51637e72e6355ae0eded11a1ddb3feff9efdb5765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 19 Sep 2022 13:12:22 GMT
etag: W/"e0ba8c4792c65912a0f27752679f2268"
last-modified: Tue, 13 Sep 2022 21:03:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-id: jb42IkPHOvyP7doQvb-Z1FLSLiJSPJ5OSm2nYWBGca-feYHurFnUBw==
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: izJFrdH2yNnWzZMQ3OGPAoytmJy4p0X4
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
rc-animation-feature.js.driftt.com/core/ Frame 8A33 2 KB
1 KB 351ms
306ms Document
text/html 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1663593300000/ikk2zzg7t3aw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

5ae33e57bc5a938d3f2fc4b51637e72e6355ae0eded11a1ddb3feff9efdb5765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.armorblox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 19 Sep 2022 13:12:22 GMT
etag: W/"e0ba8c4792c65912a0f27752679f2268"
last-modified: Tue, 13 Sep 2022 21:03:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-id: GNGqlyMxtG_l7pzu8T_NBYSRM9cJp3sbkATij9qEvqYqqXcqVT68RQ==
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: izJFrdH2yNnWzZMQ3OGPAoytmJy4p0X4
x-cache: RefreshHit from cloudfront

POST
H2 204 ha-analytics.php
analytics.humanautomation.ai/ 0
140 B 166ms
165ms Ping
text/plain 34.195.229.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.humanautomation.ai/ha-analytics.php?action_name=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&idsite=317&rec=1&r=667793&h=13&m=12&s=22&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&urlref=https%3A%2F%2Fem.armorblox.com%2F&_id=b4e409a7c8141b95&_idn=0&_refts=1663593143&_ref=https%3A%2F%2Fem.armorblox.com%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=ajMMxI&pf_net=128&pf_srv=133&pf_tfr=19&pf_dm1=403&pf_dm2=1993
Requested by: Host: analytics.humanautomation.ai
URL: https://analytics.humanautomation.ai/ha-analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.229.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-229-137.compute-1.amazonaws.com
Software: nginx/1.20.0 / PHP/7.4.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.armorblox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.armorblox.com
date: Mon, 19 Sep 2022 13:12:22 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
x-powered-by: PHP/7.4.30

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=832322830&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&dr=https%3A%2F%2Fem.armorblox.com%2F&ul=en-us&de=UTF-8&dt=Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6sense&ea=6sense%20enrich&el=6sense&_u=aGDAiEABRAAAAE~&jid=&gjid=&cid=902420925.1663593141&tid=UA-103936869-1&_gid=55740921.1663593141&gtm=2wg9e05DM95KB&cd10=%5Bobject%20Object%5D&cd12=United%20Kingdom&cd18=&cd19=&cd20=&z=1329556437

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 18:48:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66253
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime~main.d8e34284.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 6 KB
3 KB 134ms
133ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

56fb318d507b410407f0dd2ca73008a6be177111b64e3980fd845870d392756b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
Origin: https://rc-animation-feature.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:12 GMT
server: nginx
etag: W/"6a378099d695e018c52e103c6bef3506"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NqbipGbj6ABaLzielWSrKtKayfSJGdA5
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wcqBj_XMH4RqR_o-axfdi0eScoifAwE1OkJ1WQveCSo84vEUUuoaMg==

GET
H2 200 8.611ead2e.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 35 KB
13 KB 143ms
143ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
Origin: https://rc-animation-feature.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:59 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QZHOHT7DjLRvue69mrq5hjzngmB1OrJd
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: woh5mdEn0SoqzxPhFcR5cEYzr615_7p4Ky3Vr9-SeYuQ4l1_5HSltQ==

GET
H2 200 main~493df0b3.7d8b6029.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 7 KB
3 KB 140ms
140ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/main~493df0b3.7d8b6029.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

ba1b5ba457e3244bfc1b5e32428086b59e9738588b18a6620b9b437b31e48211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
Origin: https://rc-animation-feature.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:59 GMT
server: nginx
etag: W/"d67b9f21a56510a527a7f7537b00473f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1czJDXHE2WzvBUwOnEFLYJU9jQAQz6ec
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gY-VaNheySysJb0BpKQC9F_ze-Y_tX-i1onoJkN-EM4BAczzETvg2g==

GET
H2 200 runtime~main.d8e34284.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 6 KB
3 KB 139ms
138ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

56fb318d507b410407f0dd2ca73008a6be177111b64e3980fd845870d392756b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://rc-animation-feature.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:12 GMT
server: nginx
etag: W/"6a378099d695e018c52e103c6bef3506"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NqbipGbj6ABaLzielWSrKtKayfSJGdA5
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gxaQVS3wMuymxxUz4PFoFJW8c815WVIxEZkLiKNof0o3seNbc0TZyQ==

GET
H2 200 8.611ead2e.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 35 KB
13 KB 140ms
139ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://rc-animation-feature.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:59 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QZHOHT7DjLRvue69mrq5hjzngmB1OrJd
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HwXv9b14bXYHJCvBud0sN6NbZVzsPEIeACl7tzQ8tRdAG4xzRijR7g==

GET
H2 200 main~493df0b3.7d8b6029.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 7 KB
3 KB 138ms
137ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/main~493df0b3.7d8b6029.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

ba1b5ba457e3244bfc1b5e32428086b59e9738588b18a6620b9b437b31e48211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://rc-animation-feature.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:59 GMT
server: nginx
etag: W/"d67b9f21a56510a527a7f7537b00473f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1czJDXHE2WzvBUwOnEFLYJU9jQAQz6ec
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RGkPRn6H7JSLFf0b0qRRz0JUAc89wBmpzsmP6MRjmo1uBbPIGOSTDw==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 255ms
255ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=783da784-75fc-471f-8527-3b49737360ca&session=01c2c56e-4f9b-4e6f-8024-fa991361e755&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A22%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&pageViewId=b61c9ce0-1e6f-41fa-8c7f-ba539978e2cb&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 48.36272856.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 47 KB
14 KB 322ms
316ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/48.36272856.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

a77bb1b8bfef4a56cbbb32a3f0db155355f7259e1505797dcce1c128be3a97a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"11fc6ce0a6034588f5e23638e2b6c3f2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ChtUqryNYu5xI3CdfAsqp2eA81vWUaqx
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZwaL3GIAGScWWncqDyC6y9yFzkcLkVajgd7_f-4SVoMBtlYL2mijfQ==

GET
H2 200 22.fd21eb42.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 44 KB
13 KB 136ms
130ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zPEwGsJO2GOXFHj8FOoox_vv4ChOYfMi
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BoqM8cs6ecjHU0qQFU42ap2UnJ0SNmAsi0PfNSWjtb4zVBQKpQbcHw==

GET
H2 200 18.40ab7295.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 16 KB
5 KB 154ms
149ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/18.40ab7295.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

597514d432ff2059b3e477385c44fb38d44c73f5d640eebe645cf3b340bcff56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"fafe5f62fc3aec49b7966fa154962db8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: j41UkziZUJwWbrG0CUmyzE3aF_anbP3m
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hSLTqvVFRHLuFqEwPJx7a0UC2JOmZWbOgv546qP-fW9nTjbgJgLOmw==

GET
H2 200 39.0cc86423.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 25 KB
8 KB 145ms
140ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SpI.sueRnZrBRR7HPfz2cmdeWfyNSaK3
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ikttUYShX7xgzGqtAN4W1kiLHaPnS_Tjh2fM6vFCdXuSX0DC5Yegyg==

GET
H2 200 20.8c21ea18.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 74 KB
23 KB 153ms
148ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oFrM3dzrhH1DyCTr3n.Sa2JzPNnGezf6
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _jsrw_x7keMPAFBS09apiGdgTIR8VpalX72U4YJZDdzYP9V-NCvxlA==

GET
H2 200 25.8f107198.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 59 KB
19 KB 147ms
142ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g7FL8jZBBAi3p8YuObM1ZmUZKpb7MuM4
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JSWNXAYJe58mWnq27DqC5ca1eCNMwRfq6MODOpC5U4sqXjqPB5snpg==

GET
H2 200 13.3e86f1f6.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 91 KB
28 KB 138ms
133ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AxnZ8nC4Q3DuokuMRzz.UbB8aA156qN1
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rt-2F75qoiqykylkxAOi4zcqV_MNW929SlYG26_9gKeYu6i2Ey_3qw==

GET
H2 200 11.639238ba.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 23 KB
7 KB 141ms
136ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 41Rj_7QKP59w2WnODlMWAa6QFTo_5uBY
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cv3DpB2z9GRjBnsBlxbXzbhl06qEAAC0FVNPUYank0KElRn19eZuNg==

GET
H2 200 16.fde6fa28.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 62 KB
20 KB 164ms
159ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0xZuV14y624uLSujRriaDc3gqoEfur.i
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zM1Im27cFfKOr96N4u0oVprUm0_IGxtOGIClszmC3Toi-lx4sdfu5g==

GET
H2 200 46.c9d569f4.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 105 KB
34 KB 158ms
154ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/46.c9d569f4.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

79d8bfb0ff06d8516e46d4457bd951ed893d2deed31ab348227e06c91a5a35cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"60ea9f8ff45a51f96f67728ef12e7e79"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oUPGVpakMmoJerO2MwT3_xwAqKjkt3EO
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VoLjQtpacEtTQwcpFW_gBIz76ySDerZ3Z2vR6MhpBY2tjAisgUlVkg==

GET
H2 200 37.9da17c94.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 12 KB
4 KB 169ms
165ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5SBsoGmcP9N86ozFwl1TdhprKX5njRD0
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: inmSQ5X4ySHS0VhaVQT9sKChLNm3BDj3K4oQw4A-7C8iiVC8vtMEHw==

GET
H2 200 28.190877b8.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 13 KB
5 KB 160ms
156ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/28.190877b8.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EoHU2.ZmCXZqPxgkHs2ufHdi99tEdALt
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BNv_WR3NH_-Oe7cXlggXzSsgwlZbqvdCp9K1v4T3GbukbsiU-kuP_Q==

GET
H2 200 21.b8c41db9.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 17 KB
7 KB 169ms
166ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XMKz64The0KMyOy8NmPKNtYJQSVclmxO
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s3SgNF2Pl6ahlRZ8-8elXlUPr6C-jARuWkgwP2nVE-zgdy2a8xYzoA==

GET
H2 200 9.169d3073.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame 8A33 14 KB
3 KB 138ms
134ms Stylesheet
text/css 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/9.169d3073.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

8aafa41dda6af82cd7b77cf06c811c75134776cb26749a3732896e3a84466ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:56 GMT
server: nginx
etag: W/"b35f8e1e1998cfcf5160bc69e61be733"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PZY.oixBibrDNnD59vTC4Op0rvbjRJ63
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2xC_uRuomVVDBSEWEOD_5tI9yyzvMUHY2dSer57bi6-zmD5X-aXlBw==

GET
H2 200 9.4e9a6912.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 75 KB
23 KB 158ms
155ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/9.4e9a6912.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

acb2d97133599536a5bbcacd83fccb5e991fa1724cb35344f526bb8445554e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:10 GMT
server: nginx
etag: W/"1583eb6b96fc71c5f3e5fe4b18d55653"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MMkDWFVJ3r5urAC5RWnxS3iyLZdWunFL
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 94WL8VcvKwyseAA9vsp8K5Umsiw1AHki89N4fKbNpHIWJGVuFY1XEA==

GET
H2 200 17.22abfce0.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame 8A33 24 B
666 B 130ms
127ms Stylesheet
text/css 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 24
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7M8NQbikpJSuSrkEvIs9L5H_sdNTRjFB
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TBFOMFR1VW00nmH6oOttJWUHJnZVEdow5D1wXzPwwGCuXougnbPOBQ==

GET
H2 200 17.476e9aab.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 79 KB
20 KB 158ms
155ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/17.476e9aab.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

110888133169b905b9985af5647fcbbbda2f6f715533fb1a0c62e88ff9390a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:08 GMT
server: nginx
etag: W/"b173e0f836b953dbfe3cc5b6f7998e32"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Makaq_gpS4VURm2Y6rXMU_s75TU7K9hM
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3emEsYgWXiqRWLDwVh_O7b6zqg4FlpCKKmOMnSf_8RJUl3b1Z3Mzdw==

GET
H2 200 24.05a5d00e.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 48 KB
13 KB 161ms
158ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/24.05a5d00e.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

6fe7d12500b1182b55e280b2957d45dec850fd112a92e3a538cc7034516ae3c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:09 GMT
server: nginx
etag: W/"7c902daaa997b011f1e41f08418f4919"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: h6KX_In.TbaHrRtSbm9Wg.dZqwEU2m2T
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tKYgks9TN5dU3Oy0aeWA7u5IyEvZI4khS4ThqSZWZquvTQ85bl828A==

GET
H2 200 15.c7403a77.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 40 KB
13 KB 153ms
150ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/15.c7403a77.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

ef06bd523c398b2ce6c4461e314932819f94a8d17a36480a3fa658429a068774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:08 GMT
server: nginx
etag: W/"9fb8c393c69ee24f7ce7d62df0e4afdb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Aji_ExLXaz80qLYFKP4W1NUTlVaiVbgs
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CMiyl8s0X60K9W6BVtf7PUqZyvnx9QRBN8ajs_HPMqNd4JtEPyGADw==

GET
H2 200 48.36272856.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 47 KB
14 KB 135ms
131ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/48.36272856.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

a77bb1b8bfef4a56cbbb32a3f0db155355f7259e1505797dcce1c128be3a97a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"11fc6ce0a6034588f5e23638e2b6c3f2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ChtUqryNYu5xI3CdfAsqp2eA81vWUaqx
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0tePhuchPwzLaNFLqbTYMraKpz9qjbWwyI3T8_SGmldLuzaYNCyBlg==

GET
H2 200 22.fd21eb42.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 44 KB
13 KB 142ms
137ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zPEwGsJO2GOXFHj8FOoox_vv4ChOYfMi
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: V5MTQB491OyAyAo15eVudhxyayLxQVEaTsgXr_tfDS9i-WtnP4AWhw==

GET
H2 200 18.40ab7295.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 16 KB
5 KB 138ms
133ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/18.40ab7295.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

597514d432ff2059b3e477385c44fb38d44c73f5d640eebe645cf3b340bcff56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"fafe5f62fc3aec49b7966fa154962db8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: j41UkziZUJwWbrG0CUmyzE3aF_anbP3m
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1DVjKDfCpTzTAKuOrPLxEZbYWjxnbKyf5nTZ1MJFLmS9fA7vNOthEw==

GET
H2 200 39.0cc86423.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 25 KB
8 KB 145ms
140ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SpI.sueRnZrBRR7HPfz2cmdeWfyNSaK3
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ns7y3sI5WwSv9rf8YwSI6cksbbVncCucjWRDddmYf0anU-w4ENLucA==

GET
H2 200 20.8c21ea18.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 74 KB
23 KB 147ms
143ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oFrM3dzrhH1DyCTr3n.Sa2JzPNnGezf6
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k1VgnLHRHRypbifNGHSRgln28MUVDlXLD3DzqJ64yG1TNlkRyyCdLw==

GET
H2 200 25.8f107198.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 59 KB
19 KB 135ms
131ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g7FL8jZBBAi3p8YuObM1ZmUZKpb7MuM4
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lL0iuTGvcQMt_gaQu5wqHZXlbYUBnE2NhzcsejFkSql6Xdpybpq07g==

GET
H2 200 13.3e86f1f6.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 91 KB
28 KB 146ms
143ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AxnZ8nC4Q3DuokuMRzz.UbB8aA156qN1
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zr9E4JZu5rKnbaQltgpq6kpBXW1V83D0BD1-t7swwFzVVo3_k5qf0A==

GET
H2 200 11.639238ba.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 23 KB
7 KB 177ms
173ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 41Rj_7QKP59w2WnODlMWAa6QFTo_5uBY
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2vsDxaWjdSzjI2W1AgDHT1G0qPu45yRl20V2ZkGNvA5bBQBMEake_Q==

GET
H2 200 16.fde6fa28.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 62 KB
20 KB 138ms
135ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:57 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0xZuV14y624uLSujRriaDc3gqoEfur.i
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mT01PrGmMMZlJfBGqOvtsK7BY6GQvWTn1KzOJYbJzbTN1-LfWtqBDA==

GET
H2 200 46.c9d569f4.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 105 KB
34 KB 157ms
153ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/46.c9d569f4.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

79d8bfb0ff06d8516e46d4457bd951ed893d2deed31ab348227e06c91a5a35cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"60ea9f8ff45a51f96f67728ef12e7e79"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oUPGVpakMmoJerO2MwT3_xwAqKjkt3EO
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -IqjxX-Rdpmr02yN4aLWwEnscumTVxZp8LKvUirDPttkWnKgTfzvPA==

GET
H2 200 37.9da17c94.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 12 KB
4 KB 147ms
144ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5SBsoGmcP9N86ozFwl1TdhprKX5njRD0
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l0QXI6yjaB0uC1t_gJHsVr6GUWyTXttN1vS2SpWG3mc3zjNDQpf8EA==

GET
H2 200 28.190877b8.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 13 KB
5 KB 150ms
147ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/28.190877b8.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EoHU2.ZmCXZqPxgkHs2ufHdi99tEdALt
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Iiid8l1NpAMJetA2Mbb1sN4D2X43gVICzBoGFcqOyOZYtBiCjLtUmQ==

GET
H2 200 21.b8c41db9.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 17 KB
7 KB 325ms
322ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XMKz64The0KMyOy8NmPKNtYJQSVclmxO
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SK15eDuCnij6S1psoolZHeaZXB1PaeIpqlgd2eLaUwbU6ERi465AIA==

GET
H2 200 9.169d3073.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame 3D37 14 KB
3 KB 140ms
138ms Stylesheet
text/css 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/9.169d3073.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

8aafa41dda6af82cd7b77cf06c811c75134776cb26749a3732896e3a84466ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:56 GMT
server: nginx
etag: W/"b35f8e1e1998cfcf5160bc69e61be733"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PZY.oixBibrDNnD59vTC4Op0rvbjRJ63
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MkY52iupM_J_bOQAWWULsqUjOMRuSR6q4cxcSSc1DGA55aLFqMmGOw==

GET
H2 200 9.4e9a6912.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 75 KB
23 KB 322ms
320ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/9.4e9a6912.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

acb2d97133599536a5bbcacd83fccb5e991fa1724cb35344f526bb8445554e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:10 GMT
server: nginx
etag: W/"1583eb6b96fc71c5f3e5fe4b18d55653"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MMkDWFVJ3r5urAC5RWnxS3iyLZdWunFL
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Rry5wkL3Gr1sbO4tdZFlbaErz2XsWSPnDQwc2D-ln9BGvXmQia-3tw==

GET
H2 200 17.22abfce0.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame 3D37 24 B
664 B 140ms
138ms Stylesheet
text/css 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 24
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7M8NQbikpJSuSrkEvIs9L5H_sdNTRjFB
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9cr4pMkONiZBvzsswNXt_eIcLxvdmvOMieRkllmcuUobdHfdTj20iQ==

GET
H2 200 17.476e9aab.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 79 KB
20 KB 325ms
323ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/17.476e9aab.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

110888133169b905b9985af5647fcbbbda2f6f715533fb1a0c62e88ff9390a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:08 GMT
server: nginx
etag: W/"b173e0f836b953dbfe3cc5b6f7998e32"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Makaq_gpS4VURm2Y6rXMU_s75TU7K9hM
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 63dYMgbgDy_n6flAJFx2FIQvgF4LxtfDr4cIWO15PIQsv5JNzD6R3g==

GET
H2 200 24.05a5d00e.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 48 KB
13 KB 151ms
149ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/24.05a5d00e.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

6fe7d12500b1182b55e280b2957d45dec850fd112a92e3a538cc7034516ae3c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:09 GMT
server: nginx
etag: W/"7c902daaa997b011f1e41f08418f4919"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: h6KX_In.TbaHrRtSbm9Wg.dZqwEU2m2T
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: B3eXZJBApWBoUFqS8VewM-u2viWrrnpuwUg9Sq2DgxcZ4lAeTB42tA==

GET
H2 200 15.c7403a77.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 40 KB
13 KB 356ms
354ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/15.c7403a77.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

ef06bd523c398b2ce6c4461e314932819f94a8d17a36480a3fa658429a068774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:08 GMT
server: nginx
etag: W/"9fb8c393c69ee24f7ce7d62df0e4afdb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Aji_ExLXaz80qLYFKP4W1NUTlVaiVbgs
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Aye-wRf6rWW3Y-gDdh2_XgQ9lNBRQzTK4EaElTJw6PnWv2zPjGBEwQ==

GET
H2 200 34.11d2b6a7.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame 8A33 3 KB
1 KB 136ms
136ms Stylesheet
text/css 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: N_KxzZjd_ZP7LOgqtLd8HsFjreqtn5pz
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wANytXa01irBTcQ2Zdgy9i6Tc02yZpj1mrc_q0y-ZdyukQlzu7Puyw==

GET
H2 200 34.07340d2f.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 3 KB
2 KB 132ms
131ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/34.07340d2f.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"f732dfb3db72f996e1f4bc0225629a20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JA7QRqqET3KSoiBpnl7nMN06us6LfCgP
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wnagztSonaWMlETY7-VmFjz6-CNgSBzzl1cGMUI81aWLzfIxgBkk1g==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 9 KB
3 KB 145ms
144ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:24 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:56 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: aFGQuvpb3gkE3VQYCE5vHHYhRZDJU4CG
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZWL7BNEhDi32SEYPvCAEoESRBJujMI4E0jJDuKlPLeeij9v2Kx7OZQ==

GET
H2 200 3.07aa08a5.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame 8A33 7 KB
2 KB 163ms
161ms Stylesheet
text/css 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:24 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: H7cDCpm5lvDgDqsMSByhyAuCW8k6VnRi
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 21melhRvdmTPRs5Ypkdr28g_qgJkeRWAOW6gRV-SWiCvL6c3FkUlRg==

GET
H2 200 3.f50b964b.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 54 KB
15 KB 144ms
143ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:24 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2XtzxpgUbtghBGF1QyGMDft6S5hwd5Ht
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Yj74NmSKNKBvPWzT1DQPyj6YDsFj260py8pngpuQEqKbKxbrG2wVAw==

GET
H2 200 1.a51daee8.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame 8A33 43 KB
7 KB 141ms
140ms Stylesheet
text/css 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/1.a51daee8.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

79b11c988e0926dcb77087f3c39a3c72f7226421b7992fa1aecbf89634906a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:24 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: W/"2f8b87e824e4cc9983e43d6c7156ae79"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _MkOIVop3VQW_bSIss_zdcnIVv9v489V
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o1ViJ5qCy4zIBSklucLjgiTL6hcM9qkYxWXgpnL7J492R1mYrIEz9g==

GET
H2 200 1.04a9dcea.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 73 KB
25 KB 142ms
141ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/1.04a9dcea.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

a19f7d373e0ca741a7e91bbb2e361a16e131ba3ad9482b0690d75bfac9463f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:24 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:07 GMT
server: nginx
etag: W/"0c3efd46a135f85a5f588cb042dbf5e5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W9JyY1N6T0SfQngqvUrKtlBS3dts0P7d
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EShqdLg-gtYTbc9Vo1zjpcpIyR0sO3x4rDtso53LSreAjcT_BX0lOQ==

GET
H2 200 32.a39c83a8.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame 8A33 14 KB
3 KB 147ms
146ms Stylesheet
text/css 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/32.a39c83a8.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

8c83e8a58f1d0c88d1574a24d528a31d7804cdd0741235010bf4ce5ffd30b878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:24 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: W/"a5e166130ff052851935f17711177b8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OXkfWLhylAtl0YNtNVH1GNzXWw6cVRUz
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tO0BP0F0-5_WE_BzxQfYZfLSX2iwRylebg8wlD2JnBeiDEN4xjyjFg==

GET
H2 200 32.a2b7c4c5.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 8A33 12 KB
5 KB 137ms
137ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/32.a2b7c4c5.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

08180fe4782eb8a2703e219199e24d517b5a53544a9927aa56d65abe51d7b131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663593140128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:24 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Sep 2022 18:12:24 GMT
server: nginx
etag: W/"0556ad2949a758efdcc1debd3a59f9cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Oi8_qmktBlzygQE2aZshuaFltw01i0ao
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: t4uJMmc5LZC-N8CMh7NC7KOpqYbTfcWvMb5-MrAstwBZ8x3G5nS7Iw==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 200ms
195ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=783da784-75fc-471f-8527-3b49737360ca&session=01c2c56e-4f9b-4e6f-8024-fa991361e755&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A23%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223005%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&pageViewId=b61c9ce0-1e6f-41fa-8c7f-ba539978e2cb&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:24 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 0.0b2ebd4a.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 9 KB
3 KB 136ms
134ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:25 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:56 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: aFGQuvpb3gkE3VQYCE5vHHYhRZDJU4CG
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q_zilHjzDcqvoKXImlXd6v0E_eVp2ypDNP1NOTT5pdEQifOug1pJQA==

GET
H2 200 26.2d4cdbd1.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 34 KB
10 KB 152ms
150ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/26.2d4cdbd1.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

71e905aff9bad1d3b5a783336fcdd013cc97beb8985e4cd2cf7d195925a48211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:25 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:58 GMT
server: nginx
etag: W/"c55d27c90bd5affbf7c7047151ac3b6a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: n5Y2H81f.oczzI0wU78KJf2ydGwTm9Lp
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MRxSU3OJlbL8zShQF7RRHb29LgF8VNZFh8Knmw_8nktOCdz7RM5CUg==

GET
H2 200 27.9bf46b67.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame 3D37 8 KB
2 KB 151ms
149ms Stylesheet
text/css 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/27.9bf46b67.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:25 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5vdq0qaAsz.MotsXluqUHx8rSd7Ae6Fe
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7Gah2uyToz3joHJqFHLFM0FPEOupzGGK4y-4dz_lT9qBJi39Zd6eog==

GET
H2 200 27.da34d730.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 15 KB
6 KB 152ms
151ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/27.da34d730.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

1cc6a48f644462f4735b7a259785e44eea1a53b6a429c74693ef475535c10d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:25 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:09 GMT
server: nginx
etag: W/"46985c2ac15d55e93878f9a279658a9b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: T_8zB8fkNHNpuiFbLa3o6egd.3lD3VlK
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0C5Wx50snwlWz4jNar-W1TCB0OIEW5bcmx5bSFw1QwiqPQEqOXQlrg==

GET
H2 200 19.c695453b.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame 3D37 365 B
1006 B 130ms
129ms Stylesheet
text/css 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:25 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 365
last-modified: Fri, 16 Sep 2022 16:12:55 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f80UXl8VQ_8VGE7.OAJv7cWacri13EiZ
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ePtEF-p_lSZZFneXhsIjfcUgmgvyvGd3NTAkYrWh9--rcJUWn2k0xQ==

GET
H2 200 19.9fb02756.chunk.js Show response
rc-animation-feature.js.driftt.com/core/assets/js/ Frame 3D37 88 KB
25 KB 134ms
133ms Script
application/javascript 99.86.4.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-animation-feature.js.driftt.com/core/assets/js/19.9fb02756.chunk.js

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-46.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

8c046caaaa9685e9a752b2c7d26b145598a30bb98c86bd6936ae0860b7eaa9c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=75a46854-b9e5-4c20-b8b2-9238020d7dac&sessionStarted=1663593142.509&campaignRefreshToken=a7f2934b-b490-42dd-ae74-8a5e01bf73ea&hideController=false&pageLoadStartTime=1663593140128&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:25 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 21:04:08 GMT
server: nginx
etag: W/"fdebd50a6fda76541dafbd23c5989673"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: P3R0.eclLQSH4ker.fvNiwdEQ1YR6gWU
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4MFspY5xVAKkkXw5OlAJvlcRXCHFzxRjwEI97TtbENXkuh2B5H-VMg==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 234ms
234ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=783da784-75fc-471f-8527-3b49737360ca&session=01c2c56e-4f9b-4e6f-8024-fa991361e755&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A24%20GMT%22%2C%22timeSpent%22%3A%221007%22%2C%22totalTimeSpent%22%3A%224012%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&pageViewId=b61c9ce0-1e6f-41fa-8c7f-ba539978e2cb&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:25 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 3D37 25 B
122 B 122ms
122ms XHR
application/json 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/48.36272856.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-animation-feature.js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 13:12:25 GMT
server: istio-envoy
requestid: 1bdf6e24e300404
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 349ms
117ms Preflight
text/plain 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://rc-animation-feature.js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 19 Sep 2022 13:12:25 GMT
requestid: drift706ebc349b49538e5c83bfe9c97
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 333ms
110ms Preflight
text/plain 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rc-animation-feature.js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 19 Sep 2022 13:12:25 GMT
requestid: drift9e80d964b9090f51ad37c15264b
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 3D37 147 B
244 B 110ms
109ms XHR
application/json 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/48.36272856.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

fecc6547c58a32e5cb5cb4f7c675420c1bfaf7a1058e1da5736084578fda80b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-animation-feature.js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Sep 2022 13:12:25 GMT
server: istio-envoy
requestid: 57d10608eaa913ac
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 212ms
211ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=783da784-75fc-471f-8527-3b49737360ca&session=01c2c56e-4f9b-4e6f-8024-fa991361e755&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A26%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Sep%202022%2013%3A12%3A25%20GMT%22%2C%22timeSpent%22%3A%221008%22%2C%22totalTimeSpent%22%3A%225020%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20we%E2%80%99ll%20focus%20on%20a%20credential%20phishing%20attempt%20where%20attackers%20sent%20an%20email%20resembling%20a%20Netflix%20billing%20failure.%20Clicking%20the%20email%20link%20took%20targets%20to%20a%20functioning%20CAPTCHA%20page%20followed%20by%20a%20fully%20fledged%20Netflix%20lookalike%20site%20with%20a%20phishing%20flow%20that%20aimed%20to%20steal%20login%20credentials%2C%20billing%20address%20information%2C%20and%20credit%20card%20details.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Blox%20Tales%20%2311%3A%20Netflix%20Credential%20Phishing%22%7D&cb=&r=https%3A%2F%2Fem.armorblox.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fblox-tales-netflix-credential-phishing%2F%3Fmkt_tok%3DMTc2LVhNSi0wMzAAAAGGuyQjAJOF83O336IKt-9ciQj6g6oI3M8boZactdZPQnkAW2Xk3_wgbyTXUlcY1syKAyoEh1qiRkDRzg0U6GetJzSre7b1lILRBbS5G793jw&pageViewId=b61c9ce0-1e6f-41fa-8c7f-ba539978e2cb&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.armorblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:12:26 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.em.armorblox.com/	1970-01-20 06:06:34	Name: __cf_bm Value: MN4tfgZ2x9EPfjIoFwbxIV36GabXQuankzne1vOhWY4-1663593139-0-AW3R+mnNTiKbBn7zob6D/esJrMImCz6XhAUBste6J9QQ/HU8RLXDlDF9VOmwQi06+ESAP/MrCok5qK0mrm371R0=
.armorblox.com/	1970-01-20 08:16:09	Name: _gcl_au Value: 1.1.1913405463.1663593141
.armorblox.com/	1970-01-20 14:52:09	Name: _biz_uid Value: 3a5451e15af243c4db0e22fbcf5430fd
.armorblox.com/	1970-01-20 06:06:34	Name: _biz_sid Value: 5faefa
.armorblox.com/	1970-01-20 14:52:09	Name: _biz_nA Value: 1
.bizible.com/	1970-01-20 14:52:09	Name: _BUID Value: 3a5451e15af243c4db0e22fbcf5430fd
.armorblox.com/	1970-01-20 15:42:33	Name: _ga Value: GA1.2.902420925.1663593141
.armorblox.com/	1970-01-20 06:07:59	Name: _gid Value: GA1.2.55740921.1663593141
.armorblox.com/	1970-01-20 06:06:33	Name: _dc_gtm_UA-103936869-1 Value: 1
.armorblox.com/	1970-01-20 14:52:09	Name: _biz_pendingA Value: %5B%5D
.bizibly.com/	1970-01-20 14:52:09	Name: _BUID Value: d697a7c4dd496960fb07dc34c248204c
.armorblox.com/	1970-01-20 15:42:33	Name: _mkto_trk Value: id:176-XMJ-030&token:_mch-armorblox.com-1663593140681-99250
.linkedin.com/	1970-01-20 06:49:45	Name: UserMatchHistory Value: AQJfkjLcKClFXgAAAYNV4NH4MAp8roFVM7i8VzGHnmd3R_3TxP7kbnVRlclPze54EYY7zZlzVO98Rg
.linkedin.com/	1970-01-20 06:49:45	Name: AnalyticsSyncHistory Value: AQK2mg8TOLVT_QAAAYNV4NH4eLinBQSvMtBNMSY7kPUbI1BlGhypSJfSCg2Gz2cThlwmuUmWjM_MPy-X086a5w
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:52:09	Name: bcookie Value: "v=2&a374c0bc-8156-4057-8a6b-e908435e55ef"
.linkedin.com/	1970-01-20 06:07:59	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2449:u=1:x=1:i=1663593140:t=1663679540:v=2:sig=AQGhm6SR18M4uRASgV0E267uA_KN2KQ5"
.bidr.io/	1970-01-20 15:35:06	Name: bito Value: AARZi07GUNUAAA_hLCmUgQ
.bidr.io/	1970-01-20 15:35:06	Name: bitoIsSecure Value: ok
.armorblox.com/	1970-01-20 14:52:09	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:52:09	Name: bscookie Value: "v=1&20220919131220939bb088-d7ad-4da2-8353-b1c1e1a0ea11AQHqagka1o8PTUATRF4QRUbhulmyFMGu"
.linkedin.com/	1970-01-20 10:25:45	Name: li_gc Value: MTswOzE2NjM1OTMxNDA7MjswMjHlSfvWE1qUgVQ4pIG1dAJtncKIpcJ//tMknUD3ya7Viw==
.app-sj27.marketo.com/	1970-01-20 06:06:34	Name: __cf_bm Value: z9NQ7onRMfDGLSfSfflrn1YX_qiHcbtEEmswFgKL0FU-1663593141-0-AV3PTF/uhq/sfz0c1Lj19C8iHuMne1ZVNdP6octNhdSXT+5+OvBD3g5DVGERw2+v+KPYFR+HtSLggIbzPWu3ZRY=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: K9leQBhwXec
.youtube.com/	1970-01-20 10:25:45	Name: VISITOR_INFO1_LIVE Value: 8hQc8Y9fmrk
.doubleclick.net/	1970-01-20 15:28:09	Name: IDE Value: AHWqTUn2lidY6nPdSJCMkyokqClGod1493mfc7APirVSh_xckdcYw2WVnLPT-8C3
www.armorblox.com/	1970-01-20 06:16:37	Name: _an_uid Value: 0
www.armorblox.com/	1970-01-20 15:42:33	Name: _gd_visitor Value: 783da784-75fc-471f-8527-3b49737360ca
www.armorblox.com/	1970-01-20 06:06:47	Name: _gd_session Value: 01c2c56e-4f9b-4e6f-8024-fa991361e755
.ws.zoominfo.com/	1970-01-20 14:52:09	Name: visitorId Value: 66e69eb699b500519a3dca51872347c4d91e1c3a04fa775a53ea6b94c8972d6a
.zoominfo.com/	1970-01-20 06:06:34	Name: __cf_bm Value: ZdZApYoZ5cMGJHdTpJ5pykf_9MUHw.UeTDg4I5KzqOs-1663593141-0-ATiga+Kld8gq60sk0Y6FSlHZcZpxEvoPHB/hNXo36cRIA2wsk2+ulOy8zHG6fzpFY3kVEgtHE9cIYbQbhPy8PCk=
.armorblox.com/	1970-01-20 08:16:09	Name: _fbp Value: fb.1.1663593141409.1244054168
.6sc.co/	1970-01-20 15:42:33	Name: 6suuid Value: cbd5ce1745120000b56a2863ae010000df3c5e00
.facebook.com/	1970-01-20 08:16:09	Name: fr Value: 0aajI9RB6WXucuuyw..BjKGq1...1.0.BjKGq1.
.demdex.net/	1970-01-20 10:25:45	Name: demdex Value: 68906169514606781860837220216730023510
.dpm.demdex.net/	1970-01-20 10:25:45	Name: dpm Value: 68906169514606781860837220216730023510
www.armorblox.com/	1970-01-20 06:06:34	Name: drift_campaign_refresh Value: a7f2934b-b490-42dd-ae74-8a5e01bf73ea
www.armorblox.com/	1970-01-20 15:32:28	Name: _pk_id.317.04e9 Value: b4e409a7c8141b95.1663593143.
www.armorblox.com/	1970-01-20 10:29:21	Name: _pk_ref.317.04e9 Value: %5B%22%22%2C%22%22%2C1663593143%2C%22https%3A%2F%2Fem.armorblox.com%2F%22%5D
www.armorblox.com/	1970-01-20 06:06:34	Name: _pk_ses.317.04e9 Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://em.armorblox.com/MTc2LVhNSi0wMzAAAAGGuyQjAIGKgHFOii2O70Vm_aSrU_amgWc6hLGkP4w9DnVMY7BZ_eJVcb3YL1hzGYhY6tVtznY= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network	error	URL: https://cdn.cookielaw.org/consent/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/711861.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-MLi34NzG9e/W7kXEKeJEq+pDUaOgXmUOjDqLzrysGYg=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

176-xmj-030.mktoresp.com
analytics.humanautomation.ai
aorta.clickagy.com
api.storyblok.com
app-sj27.marketo.com
assets.armorblox.com
b.6sc.co
bootstrap.api.drift.com
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
connect.facebook.net
dpm.demdex.net
em.armorblox.com
epsilon.6sense.com
googleads.g.doubleclick.net
hemsync.clickagy.com
id.rlcdn.com
insight.adsrvr.org
j.6sc.co
js.driftt.com
metadata-static-files.sfo2.cdn.digitaloceanspaces.com
metrics.api.drift.com
munchkin.marketo.net
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
rc-animation-feature.js.driftt.com
secure.adnxs.com
segment.prod.bidr.io
snap.licdn.com
stags.bluekai.com
stats.g.doubleclick.net
tags.clickagy.com
use.typekit.net
ws.zoominfo.com
www.armorblox.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.youtube.com
104.16.93.80
104.17.73.206
13.107.42.14
143.204.215.62
152.195.15.58
172.217.16.130
185.89.210.180
192.28.147.68
205.185.216.10
23.205.237.4
2600:9000:2057:3800:f:71f1:7280:93a1
2606:4700::6810:650c
2606:4700::6810:9440
2606:4700::6812:1ecd
2620:1ec:21::14
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:400c:c07::9b
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d014:275:cb01:8d93:e14c:3058:b0f4
3.33.220.150
34.195.229.137
34.255.225.203
35.168.171.75
35.244.174.68
44.205.92.219
50.16.7.188
52.30.214.212
52.58.117.7
54.147.21.139
65.9.66.24
69.192.160.219
96.16.137.162
99.86.4.46
03f8a6e311621073ef87440db078abf904e8b830e51fa2a39188ce5915531e68
04f9098825e7c5644552ed96fd1e01bba9bd0c074784d085108ffcc889c06f56
08180fe4782eb8a2703e219199e24d517b5a53544a9927aa56d65abe51d7b131
08f2c07d0512cf4fded20fafb75e78d1ec3f9f40b739c1c04a72f18566c762a1
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
110888133169b905b9985af5647fcbbbda2f6f715533fb1a0c62e88ff9390a46
132e0a9dd6275c5353db596f5fec132a5120ff9ad39ab3d27eb4e7ad2b7f9a26
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
15d69b5673cf488a9115372ebf1c3c3410cc5f9aaf58b283ec5c450aa9eb3d0f
162e18544f336f5335835730a3d017b65749cda68d94de3efafe10d679fa72a7
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cc6a48f644462f4735b7a259785e44eea1a53b6a429c74693ef475535c10d7b
1d5f6b881ea283392a85af5d685749aff241a4458826f5cb40f6747b95717e50
1d974f1e1e970e41c63cb0e33398d884db88acac2ba98ec8b9a8df204fd310fc
230cef17f8b019c9e5987e1966b3e131c21fa794a0d76b3a4a712fa849dbee58
2506da391f7bf08d8933cbf783cca162d930429b131903dfdc1bb198a60a821e
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
260c3eb2159e04ce0d647d9beb0e3f2758a82136ea5806d32ea3c50d1b2d8d3a
268697b8ebe079ad0fa1b732980ae780cebe9b6bfcd060c76b0bd3657c8cf4bb
273b9dc19af04ac2dd618b4b6ae690c2bf7bde4715d13a48126a75b68eebaeb3
276ce26603da0a4bf9d16f692e149734aa6a26eb4e56885938cd8c5582c6d423
2bc74d8ac684c2c07dc2c4c8d3df18d6f350631954a49fb342eac5aa13dda267
2d96b1c34042991a17f8173648ca9ed1f920efc7bd2b4111432795838919e2a0
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3359e049ccbf9d3a1b8422c8bd9912d0040e7f6a5b807288c39e3699db6d2ea0
35d58763def07040da2efd70ec478a5d87b8f6874212896b93c56120651d95b1
376c16c0f5598f8c744c19291f060232fd0bfa3cd685e7bdbedb5bd1d5779c56
3a808a0d38265362afe28171f6ea9eafcd29fe350d2fe54418ca4b9f593707d0
3cb45867ace25baa1d6bcd56d05739fa8733cbadd9959fb33c2c038037a8742d
4120c62c25cd2f9d7f5155aaf84f772c08e18dd1be19e39ed0d866d3916bedce
4220b911e738c2f8bba237c1e36999914165cd1fa8a1dea1240a87fc461f5f65
42a8f795eb7183f35ebfa83536ce0c6bac400c532157b6cd0551ab3952ade5b9
42fc1ae55974f761daff6f271095d76b4ebdd16b9c7562960ee5bea66e8ae60c
46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7
47d0606aac29b8e5df0845350e3fec479cc51387efb7fef9b3c7bb181b8c7a1c
4dbd2d6a9d8933cdd26df1809257010c691bdedc772dd8287e26cdd8963ccbca
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5571f1943dcc57dfed00e9e8c9bcd1588d1b9eccceb9c9472219167cdad0e933
5609cd1f7eecd11ee97aac287f6d44f91cb1c19f16d6fa11fd82acab3eb9cb75
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56fb318d507b410407f0dd2ca73008a6be177111b64e3980fd845870d392756b
5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a
597514d432ff2059b3e477385c44fb38d44c73f5d640eebe645cf3b340bcff56
5ae33e57bc5a938d3f2fc4b51637e72e6355ae0eded11a1ddb3feff9efdb5765
5b6f9abbe03119dc36e88acddcb8e50d8522352723c5fd5f1e6c0c3426b4ff5e
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e206d921645cdd77ae1c4fb411bf3d04032d350cddadeb6888dd566ae1d5095
5ed7071748f7490216d3f80c420696657ddc7d882d48daac1e9bbe2721840a52
672eff660abe4418afe333b3314d7145f844762d61b7b2b340f99c71775d7dfd
6a8f5d3db22e41774d495f5590e386c65e45ee9d6e3019ade87e5a5f9eadf5b0
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
6fa43750cb547f586079eeae5798a3a92b84459973c3afa6dc6c5117ade20e43
6fb157dac2d6ccd2be331cc55e25534ae33cca5e7078fbc89576450e954a156d
6fe7d12500b1182b55e280b2957d45dec850fd112a92e3a538cc7034516ae3c6
7001ada63b35c370c5c207ef8c85d0ae5bd79c826599f1d2bc36de67a6531ea9
71b0089d7c527e6a7531b790e4506f3b2705f5cbb8b3f95a5ceef1fa55cf9338
71e905aff9bad1d3b5a783336fcdd013cc97beb8985e4cd2cf7d195925a48211
78a0c246d0f89264c120505dc030b7aeb15c8290b4025c27054b7103af03f1a3
78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d
78df6e891c6153241987a2beb3ae39271274a094c36de4922cdc69a23b4811b2
792506c76d7f282c24ae785c306e1027e4238d09ffdd2c33df7a6cbb5fe4e43b
79b11c988e0926dcb77087f3c39a3c72f7226421b7992fa1aecbf89634906a48
79d8bfb0ff06d8516e46d4457bd951ed893d2deed31ab348227e06c91a5a35cf
7affec8282a03eb4eb47780a46e9d8c7f2f5603cfe6be321dd064d03ac60eef3
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
809db6c849488a111554cadd2cf358db4a820e9d908208250be6d155c2aacda2
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
845e0731bd111cbd53e54d7eaa7802b7ccaceb173d0e97fa8ee4ddecb46eabac
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85309942cee52cab47e92148f4c21f15984a1e08a6ed7cbb63e275cabd3dc075
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
89bedf9a0b818f5271c43462a30b5574c4dc36f2c79838902d03f005be824c0d
8aafa41dda6af82cd7b77cf06c811c75134776cb26749a3732896e3a84466ef9
8b29ef7adac993a0cb8042dcb6705fe6e6b13ae8d3c4bf2f6579aa6ae90ae534
8bcc8bb2f2e6001f7731f1b972e939012587a465345af843c6ab9a9c461aeb8b
8c046caaaa9685e9a752b2c7d26b145598a30bb98c86bd6936ae0860b7eaa9c8
8c83e8a58f1d0c88d1574a24d528a31d7804cdd0741235010bf4ce5ffd30b878
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eba5a7ceaec1b523c20b1a82dc4226ebbe7931530fed009e97b9df5d9e6367c
8eefeea093168e2e7c715358344b72d9aaf8815d2deb320dcaa934e4d51eb147
8f27cedaf17cda78d6e31b33e5bf69837621e7f41d1aaaf2305ab154cc33064e
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
93a805e1e77c07570d61dda3ff689dcf2a205ee1452de272d4a2d17e29c352ce
9a955a830fe4c3916de9ff562a0b8b315e40a862dadd9e456b3266ebb1131497
9ab17804e34a235e778a2fcad45aac8737900071ecc51aeb9b944942faddb8a7
9b05f32b262a8ddfa4c0322b0b4b376258b7996177b98d5a1e2b4585d20cba27
9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19f7d373e0ca741a7e91bbb2e361a16e131ba3ad9482b0690d75bfac9463f7a
a40b9fa9a7440c38759c2c8402474e113d3956bb08b77159a4791864d5fb3345
a58dbc67f90f6006af9638b454c3cc2d65cc7125947095587ea7c4b372b11aeb
a77bb1b8bfef4a56cbbb32a3f0db155355f7259e1505797dcce1c128be3a97a1
a88cd5d2766532b8d722540581011ad2fe22441f7ec0db584d86dea3787f2fa9
ab4f468b462952c0b24e589333f2b18cb4ff05177c3d9353d24e8f44d519d2b3
acb2d97133599536a5bbcacd83fccb5e991fa1724cb35344f526bb8445554e9c
ae67e45cd6461f3b5066ec7092c7b75d782741091fe7d7a852f09090a41bb470
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b3d5b4be6e7a2889c7f7b173472375ce3b2da6033948af5a4484bb7530f06552
b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861
b52f30e5ee9a5044342e62a44a55a996facb49a19794dc60958f05f62ac2263b
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b71f76186117ab510aca8eb8208815da837acdd4b29e171c9897993175c28878
b726950d58a01f4ff987fc29a610f871b1055f749185e626a4b1916f968f1bb5
b75d669453c5377eebafda19b9ae0b4583853a06a5ba817fad8174adacf7fe69
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
ba1b5ba457e3244bfc1b5e32428086b59e9738588b18a6620b9b437b31e48211
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bc1365163acf680a1f6034ea4ffb60b748a7a71ebee3d911989771b4962486d3
c103627751ca38778b802e130cfa523aa0fb47552fada36f9cafca65dc8bf7e8
c196eda385cab60127300efb93c6ee115a48025ede63f48cdd7c7e2a93f27966
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
cb17ab922f4d5724f0a90ff0115610a966674e21428fa20b089f496a21cdf71d
cb8ebe7e0bd9830e60f63e57b072cee5ca24937f47519da3176809aa0b697bb3
d0b8a9530fe420d782e19330e0f0efa1063be86f3ddb516908afcd3ae653ac5f
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d3383dd19ed9aad4099c7b406339e82c23385d4d015eba91ec048bbdb8051f25
d3629679a7b8c5d0d6af84a5aca6ef0e8fb7f966b39c6a64cd584dbeef2ca5ce
d42b61b91e910fd6515346f7dd2f09542a3fd2cb080e14ea1a737c414abeb085
d7166701ae98da2295d5e82857f3d7dc1baa451671130585ef74283729c25874
d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2
d94e6105f81b49586250c90894df3e2a71549424fec61a67874f1851bf5c26b4
da5d487f1fe8c4f5bba93bab0b071aed1249cf770ffdbc0144a86a4c2bae3c2c
daa698c8bbff0f8896f590e544f06c470d03af0dc6d7ecdec4b98e5f6580df5f
dba17f1b29b3b3637d709f951023ea1655b08c6b4f40fd612c5e927ba72829fa
dc993be385b63c746e962cc42adb2ba08a67c3c5eafbd08b28014e105aa8c2d2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
df26a4efbeab7bdc6099663f5762fe2b6c6fd53230064e7503104e3a9582fc37
e046beb1e5af3b7941fe46f8a42016dfa89157e68b398da5bb61d49b6eb47bdc
e079894f0fbf15f3eaa5d999e208a2604f5ea85e7e3790013b1e990e01dcf0dd
e2d4580826066e1532c01cc968fd02336e372b28773584a80c37801a22445a06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e416bac21f51ef7a9aa172a4c2f761846cb36fe6ae55b6439a6db80b3ff548ad
e4a3280211b5fd200c4d4d043763886820517771353f9fef82a88c52ab5855a7
e5035c8d058e1c25449d6d4852b063de6329a8b4a73dc84f94fbb405f8967d35
e833fbc02878a06d85aa9e8378e939c676f085fbe2d7d385c85450538bfcbc92
eaf1df68503e4437806bb51d28eefe54beeebdf13684a25f2d6a9a86ee96dc32
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
edc6475a76eaa61e6c169cfb7bc233e617fb7322904a194355fcbd7e34e61f41
ef06bd523c398b2ce6c4461e314932819f94a8d17a36480a3fa658429a068774
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1890ff50be4ff79cf7cb28fed7df1839a7d430a9c31094810ec4ea8e5b2fffe
f1d2fc79d147c71aa167b407a47319b8c856948b3200705890a96b312ddf1664
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fb54ec2c7611cd695804c36982789e9595d5bd6bdfee1571e7918485eb82c4f2
fc1e1b414a41e1039d0995863c848978cead85dd93713dedde86a5f4036f046c
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fecc6547c58a32e5cb5cb4f7c675420c1bfaf7a1058e1da5736084578fda80b2
ffedecaa5ea039ffbdc1cc9d651a4856e08a9f2bbd9e2a5dccefc7cd38e42226

www.armorblox.com Open in urlscan Pro 2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

221 Requests

98 %HTTPS

43 %IPv6

34 Domains

46 Subdomains

41 IPs

5 Countries

7434 kBTransfer

16742 kBSize

41 Cookies

7 Outgoing links

Page URL History

Redirected requests

221 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.armorblox.com Open in urlscan Pro
2a05:d014:275:cb01:8d93:e14c:3058:b0f4 Public Scan

Screenshot
Live screenshot

Full Image

221
Requests

98 %
HTTPS

43 %
IPv6

34
Domains

46
Subdomains

41
IPs

5
Countries

7434 kB
Transfer

16742 kB
Size

41
Cookies

221 HTTP transactions
3 data transactions