capitolcanary.com Open in urlscan Pro
141.193.213.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGG4FCXrOJz3OmWpURrVPNPXzPC_XViAV-lJ_1KMqrGIHXLkNQixr464xJEfIRc5O2seL1E2SE=
Effective URL:
https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCO...
Submission: On September 15 via api (September 15th 2022, 3:11:11 pm UTC) from US — Scanned from DE

Summary HTTP 203 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 32 domains to perform 203 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is capitolcanary.com. The Cisco Umbrella rank of the primary domain is 670815.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 25th 2022. Valid for: a year.

This is the only time capitolcanary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.184.251.130 52.184.251.130	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
37	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
6	104.16.93.80 104.16.93.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	13.227.73.29 13.227.73.29	16509 (AMAZON-02) (AMAZON-02)
62	18.66.112.118 18.66.112.118	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.36 13.32.121.36	16509 (AMAZON-02) (AMAZON-02)
2	23.205.237.4 23.205.237.4	16625 (AKAMAI-AS) (AKAMAI-AS)
4	54.226.8.81 54.226.8.81	14618 (AMAZON-AES) (AMAZON-AES)
2	216.24.57.253 216.24.57.253	397273 (RENDER) (RENDER)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2 8	2600:9000:225... 2600:9000:225e:1c00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4868	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:440... 2606:4700:4400::6812:2437	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1fcd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 3	3.220.203.163 3.220.203.163	14618 (AMAZON-AES) (AMAZON-AES)
1	18.235.90.40 18.235.90.40	14618 (AMAZON-AES) (AMAZON-AES)
1	104.96.159.57 104.96.159.57	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	2600:9000:224... 2600:9000:2240:7000:5:b2d2:2280:93a1	16509 (AMAZON-02) (AMAZON-02)
15	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	18.66.122.59 18.66.122.59	16509 (AMAZON-02) (AMAZON-02)
1	54.194.161.205 54.194.161.205	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.116 18.66.147.116	16509 (AMAZON-02) (AMAZON-02)
2	18.66.112.92 18.66.112.92	16509 (AMAZON-02) (AMAZON-02)
1	52.213.225.150 52.213.225.150	16509 (AMAZON-02) (AMAZON-02)
1	54.229.45.147 54.229.45.147	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
7	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
203	45

1 52.184.251.130 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

about2.capitolcanary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

capitolcanary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.93.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-sj20.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.73.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-73-29.sfo20.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 18.66.112.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-118.fra56.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-36.fra60.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.237.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-237-4.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.226.8.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-8-81.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.24.57.253 (United States)

ASN397273 (RENDER, US)

grow.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

486-vki-494.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:225e:1c00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4868 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2437 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1fcd (United States)

ASN13335 (CLOUDFLARENET, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.220.203.163 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-203-163.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.90.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-90-40.compute-1.amazonaws.com

hemsync.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.159.57 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-57.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2240:7000:5:b2d2:2280:93a1 (United States)

ASN16509 (AMAZON-02, US)

pathmonk-lib.pathmonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-59.fra60.r.cloudfront.net

wec-assets.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.161.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-161-205.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-92.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.225.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-225-150.eu-west-1.compute.amazonaws.com

apisdk.pathmonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.45.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-45-147.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	driftt.com js.driftt.com — Cisco Umbrella Rank: 4993	746 KB
38	capitolcanary.com about2.capitolcanary.com — Cisco Umbrella Rank: 817016 capitolcanary.com — Cisco Umbrella Rank: 670815	429 KB
17	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 4682 api.omappapi.com — Cisco Umbrella Rank: 4813	204 KB
9	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2439 d.adroll.com — Cisco Umbrella Rank: 1453	80 KB
7	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 5522 bootstrap.api.drift.com — Cisco Umbrella Rank: 5833	454 B
6	marketo.com app-sj20.marketo.com — Cisco Umbrella Rank: 202027	145 KB
5	pathmonk.com pathmonk-lib.pathmonk.com — Cisco Umbrella Rank: 290233 apisdk.pathmonk.com — Cisco Umbrella Rank: 338017	29 KB
5	clickagy.com 2 redirects tags.clickagy.com — Cisco Umbrella Rank: 6675 aorta.clickagy.com — Cisco Umbrella Rank: 1502 hemsync.clickagy.com — Cisco Umbrella Rank: 5955	15 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 5636 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 394 www.linkedin.com — Cisco Umbrella Rank: 623 px4.ads.linkedin.com — Cisco Umbrella Rank: 6198	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6352	691 B
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	2 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3329	7 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 591 script.hotjar.com — Cisco Umbrella Rank: 779 vars.hotjar.com — Cisco Umbrella Rank: 852 in.hotjar.com — Cisco Umbrella Rank: 1671	69 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	286 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	131 KB
3	gstatic.com fonts.gstatic.com	114 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1428 match.adsrvr.org — Cisco Umbrella Rank: 342 insight.adsrvr.org — Cisco Umbrella Rank: 624	5 KB
2	terminus.services wec-assets.terminus.services — Cisco Umbrella Rank: 15395	12 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	428 B
2	clearbitjs.com grow.clearbitjs.com — Cisco Umbrella Rank: 23563	1 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 2665	6 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	2 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 561	98 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 501	227 B
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8527	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 769	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	16 KB
1	mktoresp.com 486-vki-494.mktoresp.com	318 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4816	2 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1075	41 KB
203	32

	Domain	Requested by
62	js.driftt.com	capitolcanary.com js.driftt.com
37	capitolcanary.com	about2.capitolcanary.com capitolcanary.com
15	a.omappapi.com	capitolcanary.com a.omappapi.com
8	s.adroll.com	2 redirects www.googletagmanager.com capitolcanary.com s.adroll.com
6	app-sj20.marketo.com	capitolcanary.com app-sj20.marketo.com
5	metrics.api.drift.com	js.driftt.com
4	pathmonk-lib.pathmonk.com	capitolcanary.com pathmonk-lib.pathmonk.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.google.de	capitolcanary.com
4	tags.srv.stackadapt.com	capitolcanary.com tags.srv.stackadapt.com
4	www.googletagmanager.com	capitolcanary.com www.googleoptimize.com www.googletagmanager.com
3	aorta.clickagy.com	2 redirects tags.clickagy.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	region1.analytics.google.com	www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
2	bootstrap.api.drift.com	js.driftt.com
2	api.omappapi.com	a.omappapi.com
2	wec-assets.terminus.services	www.googletagmanager.com capitolcanary.com
2	www.facebook.com	capitolcanary.com
2	www.google.com	capitolcanary.com
2	px.ads.linkedin.com	2 redirects
2	grow.clearbitjs.com	capitolcanary.com
2	munchkin.marketo.net	capitolcanary.com munchkin.marketo.net
2	fonts.googleapis.com	capitolcanary.com a.omappapi.com
1	insight.adsrvr.org	js.adsrvr.org
1	match.adsrvr.org	capitolcanary.com
1	in.hotjar.com	script.hotjar.com
1	apisdk.pathmonk.com	pathmonk-lib.pathmonk.com
1	vars.hotjar.com	static.hotjar.com
1	d.adroll.com	s.adroll.com
1	id.rlcdn.com	capitolcanary.com
1	stags.bluekai.com	capitolcanary.com
1	hemsync.clickagy.com	tags.clickagy.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	px4.ads.linkedin.com	capitolcanary.com
1	www.linkedin.com	1 redirects
1	tags.clickagy.com	ws.zoominfo.com
1	tracking.g2crowd.com	about2.capitolcanary.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	486-vki-494.mktoresp.com	munchkin.marketo.net
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	capitolcanary.com
1	ws.zoominfo.com	capitolcanary.com
1	js.adsrvr.org	capitolcanary.com
1	www.googleoptimize.com	capitolcanary.com
1	about2.capitolcanary.com
203	48

This site contains links to these domains. Also see Links.

Domain
app.govpredict.com
www.linkedin.com
www.twitter.com

Subject Issuer	Validity	Valid
capitolcanary.com Cloudflare Inc ECC CA-3	`2022-03-25` - `2023-03-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
app-sj20.marketo.com Cloudflare Inc ECC CA-3	`2022-05-02` - `2023-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
drift.com Amazon	`2022-08-24` - `2023-09-21`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
grow.clearbitjs.com Cloudflare Inc ECC CA-3	`2022-06-28` - `2023-06-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-24` - `2022-09-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-30` - `2022-09-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-13` - `2023-08-13`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.clickagy.com Amazon	`2021-12-15` - `2023-01-12`	a year	crt.sh
pathmonk-lib.pathmonk.com Amazon	`2021-10-30` - `2022-11-27`	a year	crt.sh
a.omappapi.com R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.terminus.services Amazon	`2021-11-16` - `2022-12-14`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2022-08-10` - `2023-09-08`	a year	crt.sh
api.opmnstr.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
*.pathmonk.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-20` - `2023-01-20`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Frame ID: 8DD0D51F0C8CDBCDFDD1F02C955FF883
Requests: 129 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
Frame ID: B59D750C8D555157D119212918AC12DB
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
Frame ID: 3360F4B151A98887C1A40D001B692C4A
Requests: 32 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 2F007532567F77CFAE97B2FA77337AFF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2EAA814639F340952B19EDD3D1823115
Requests: 1 HTTP requests in this frame

Frame: https://app-sj20.marketo.com/index.php/form/XDFrame
Frame ID: C59C09E56840D0B7F4486C9E7417A15A
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=owmpeom&ref=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&upid=21br8ux&upv=1.1.0
Frame ID: E8062F251E2C6E5FE3F9620662780AC4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FP Win with Capitol Canary - Capitol Canary

Page URL History Show full URLs

http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGG4FCXrOJz3OmWpURrVPNPXzPC_XViAV-lJ_1KMqrGIHXLkNQixr464xJE... Page URL
https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Marketo Forms (Widgets) Expand

Overall confidence: 100%
Detected patterns

marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

203
Requests

97 %
HTTPS

42 %
IPv6

32
Domains

48
Subdomains

45
IPs

6
Countries

2369 kB
Transfer

7182 kB
Size

38
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://app.govpredict.com/portal/moneyball/donor_lookup?iframe=1
Title: Donor Look Up Tool

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/capitolcanary
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.twitter.com/capitolcanary
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGG4FCXrOJz3OmWpURrVPNPXzPC_XViAV-lJ_1KMqrGIHXLkNQixr464xJEfIRc5O2seL1E2SE= Page URL
https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1663254664331&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D45840%26time%3D1663254664331%26url%3Dhttps%253A%252F%252Fcapitolcanary.com%252Ffake-page%253Fmkt_tok%253DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1663254664331&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1663254664331&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&liSync=true&e_ipv6=AQLapzRyMcjHUgAAAYNBtBYYgpwwkW3Ryj1jyrLA1CsLKZIZlf3XDQAwmmI-_IteUgw4lqnyzNHNVw0P_eZs8Iz6HPj44Q

Request Chain 80

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag HTTP 302
https://stags.bluekai.com/site/51557?id=c:35aa95378d31dbdc7e203461627337ee&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1

Request Chain 81

https://aorta.clickagy.com/liveramp_redir HTTP 302
https://id.rlcdn.com/711861.gif

Request Chain 91

https://s.adroll.com/j/exp/HVQJW343KJAW7GWROKSEFP/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 92

https://s.adroll.com/j/pre/HVQJW343KJAW7GWROKSEFP/YGAVJIE2WNDOJEE5TBNPGO/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

203 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 302
Found NDg2LVZLSS00OTQAAAGG4FCXrOJz3OmWpURrVPNPXzPC_XViAV-lJ_1KMqrGIHXLkNQixr464xJEfIRc5O2seL1E2SE=
about2.capitolcanary.com/ 523 B
992 B 800ms
302ms Document
text/html 52.184.251.130
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGG4FCXrOJz3OmWpURrVPNPXzPC_XViAV-lJ_1KMqrGIHXLkNQixr464xJEfIRc5O2seL1E2SE=

Protocol

HTTP/1.1

Server

52.184.251.130 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

adobe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-PtCHTIc7Hxvyl2Y3NVbSC6COlVQt3l/M4cUDnUa4/v8=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
content-length: 523
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-PtCHTIc7Hxvyl2Y3NVbSC6COlVQt3l/M4cUDnUa4/v8=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Thu, 15 Sep 2022 15:11:00 GMT
referrer-policy: strict-origin
server: adobe
x-frame-options: SAMEORIGIN
x-request-id: 858b8219a3a6642d

GET
H2 200 Primary Request fake-page Show response
capitolcanary.com/ 94 KB
21 KB 1741ms
1631ms Document
text/html 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw

Requested by

Host: about2.capitolcanary.com
URL: http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGG4FCXrOJz3OmWpURrVPNPXzPC_XViAV-lJ_1KMqrGIHXLkNQixr464xJEfIRc5O2seL1E2SE=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

f07c663622a18c44cda247f3a8960fd16533419c60f38a6bd204d443f6fcd40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: http://about2.capitolcanary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74b24ae32aaa68ec-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 15 Sep 2022 15:11:03 GMT
link: <https://capitolcanary.com/wp-json/>; rel="https://api.w.org/" <https://capitolcanary.com/wp-json/wp/v2/pages/18905>; rel="alternate"; type="application/json" <https://capitolcanary.com/?p=18905>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YANm1uIklAfyi7XS4k0EJ%2Fb1GoYzN4AMnFrnX1UUauvfGiA5LAVYr%2B92MRzr0yv6m7lwMTIUpsJWymVnlgD%2BIQSg5n69krD2DaReI%2FWGrcchj1p27DiTfnYdzv1pbQRSoFAo"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: MISS
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: WP Engine
x-xss-protection: 1; mode=block

GET
H2 200 fa-solid-900.woff2
capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 76 KB
77 KB 42ms
35ms Font
font/woff2 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248475
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
last-modified: Wed, 07 Sep 2022 16:29:49 GMT
server: cloudflare
etag: "6318c6fd-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xbd0SK%2Bh6BQjwir6kAswzUvW33qoRuV%2BY%2FiDex7HPGYgwdUNcjxY0hNRW8DSAetQsZrZUAghTSexQ%2FGnql2U8jGpSZXpmHViWtVFFSAS4DQ8RAlcZ561uxDPV3JaSUf6HJEt"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74b24aed8dfd68ec-FRA

GET
H2 200 fa-brands-400.woff2
capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 75 KB
75 KB 91ms
84ms Font
font/woff2 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248475
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736
last-modified: Wed, 07 Sep 2022 16:29:49 GMT
server: cloudflare
etag: "6318c6fd-12bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4DMsHN7PCYqQDSASTsqch0vbEuimRjBrtX%2BynnGA%2BdDYn0wnj5Weko6cxHpcUdtQmQ7fqEIRubeFqnaQL%2BA9ug9ZUmVWH3aW6oQTGq8VJKDdS0bjsvKBDjd1XSx422pC7oz"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74b24aedbe5b68ec-FRA

GET
H2 200 18905-layout.css
capitolcanary.com/wp-content/uploads/bb-plugin/cache/ 45 KB
7 KB 606ms
599ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-plugin/cache/18905-layout.css?ver=4e98f183d6759223ca94a8ad194bc615
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f341e12f7cfd1002b96791f4058b98f42e8d98ef90cf649b643e9ea2ce5b47a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 07 Sep 2022 16:32:28 GMT
server: cloudflare
etag: W/"6318c79c-b259"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blAT9UfrNprccbYfLkd8qoeEGtiPDR577NUknGClIvuGENA%2FIS6QimA1faiuOCCHzhihrCQAA2dPQjpKSaWnGV8ktvyxr2bizOqAtF6pAubAw%2FxR0R2i7rWQTn3RoeV%2BTgst"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aed8e0068ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles.css
capitolcanary.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 149ms
142ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Sep 2022 12:22:51 GMT
server: cloudflare
age: 4946
etag: W/"6311f59b-aab"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFFoiT2%2F9SyrmJbtp0F8obkB2rgz%2B0qVlCNY1Sa11dxIaU1W%2FG1E7Wl5duKy%2BPQp%2BxCh7ZNB3ZYXtx1VL57fem9qB%2Fb2fqcrx9%2Fa074iUHSjt7TH0zON8kAQUzRXlsD5YeJV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aed8e0268ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wpa-style.css
capitolcanary.com/wp-content/plugins/wp-accessibility/css/ 3 KB
1 KB 86ms
79ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-accessibility/css/wpa-style.css?ver=1.7.10
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: df5b52f0f8815f309368736abcbf718b9e87c09df2732e16fdcba0bb5ca6fa02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Jul 2022 19:10:52 GMT
server: cloudflare
age: 4946
etag: W/"62c33b3c-d0c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDm6bsMYxe0D3mZB%2BJlwdZF%2Fvpg%2FF%2FQ6QlbMasUebSREwNpZVP3i3g6sejdFfd6U1Wcp2fYf4Sy03Nqsb1BrdeBzMc4ALeL0xBE17ZpSwyM0FBw%2FPpsXzfQZm5G%2BKGty1HlK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aed8e0368ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 all.min.css
capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/ 58 KB
13 KB 84ms
78ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Sep 2022 16:29:49 GMT
server: cloudflare
age: 4946
etag: W/"6318c6fd-e7a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vynPhU3c4dcZndk6oOF7xXxsP09zBTqUgyQFIWUanYlcCZpJ1cLy%2B2ikYMsXmsDpx1icGBGWSs%2BrhjVN6IlYav8C%2BfgY%2BSSHz6HB5RE4RWvHPalLg13MPyYoqYKN2d5b8ftB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aed8e0468ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1887d699bf6a35fc5e7ea64405bd492c-layout-bundle.css
capitolcanary.com/wp-content/uploads/bb-plugin/cache/ 197 KB
16 KB 614ms
608ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-plugin/cache/1887d699bf6a35fc5e7ea64405bd492c-layout-bundle.css?ver=2.5.5.5-1.4.3.2
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84b755aabb87e872238b42a2ae96fef3a5ea66cc74372fa02a9f98e9787730b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 07 Sep 2022 16:32:04 GMT
server: cloudflare
etag: W/"6318c784-313f7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNbjqhO4IxWVzS%2FH6dzOtpXUtfcCQBLUFEATKn7UR71Hynpu782%2FbUgOY5dHpJX1inLEEA4ZVq%2FEY4AB1oWLxOisXFMHwZJ8mJg2%2FH%2B2YdxkUoDFtlA%2FsL4S5AwM5lx4WrBI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aed8e0768ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 themify-icons.min.css
capitolcanary.com/wp-content/plugins/dflip/assets/css/ 14 KB
3 KB 87ms
82ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/dflip/assets/css/themify-icons.min.css?ver=1.7.32
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 419d6e9bdaf94d2758192e1312e13ffc6b885f2c37a36734f1dd414abee83a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Jul 2022 19:10:48 GMT
server: cloudflare
age: 4946
etag: W/"62c33b38-3605"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XoVWBf8a0cb7xMrXQqMUOooVyzbU%2FzswRKy7unx%2BflWd9oGTCCY6bSQpHX0b8H3j7aRrPYxcSmGC8okyP%2FXPX1Gte%2BSGcqv%2BJuwnuT2WKIMOf98Mo9AqEXRs62N3Fz%2BL0vHN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aed8e0868ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dflip.min.css
capitolcanary.com/wp-content/plugins/dflip/assets/css/ 26 KB
6 KB 86ms
81ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/dflip/assets/css/dflip.min.css?ver=1.7.32
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e051e0747e00cbf46985db2f3d8017641dd2e9bb729dfbddd01b99ab0d3983f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Jul 2022 19:10:48 GMT
server: cloudflare
age: 4946
etag: W/"62c33b38-6932"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1TNJI4oM6QRGkIQ%2BneXp9OF%2BjoJKknMzSZjwr6FNnbXUHzSRrJht17Hng%2FGwCsLtgGV0hamCrsZUW%2F1Awf5FPniK822d%2BzbweDwXRGKFC6ARWw8MasHfSBtNTlOBlJHkuO4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aed8e0968ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 default.min.css
capitolcanary.com/wp-content/plugins/tablepress/css/ 5 KB
2 KB 84ms
81ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Mar 2022 17:56:20 GMT
server: cloudflare
age: 4946
etag: W/"623cb0c4-13e4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eID7lMRvFM%2BZ8Caf0%2BKpfiYKkzxrk7NTB1T5JjbI00Hx4ZimJcdMNc4Gd0ruztsLT7x7z6zb8q%2BancOR2XBSjAoHVMd2vf37Q9zVKplx9bqRSpnKyF7%2FZXev8kygLXX48r0G"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aed8e0b68ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bsfrt-frontend-css.min.css
capitolcanary.com/wp-content/plugins/read-meter/assets/min-css/ 565 B
533 B 80ms
77ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/read-meter/assets/min-css/bsfrt-frontend-css.min.css?ver=1.0.6
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa5201729bac890535667e48073ab88a75040b0858a54292ec020832e4aee24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 Jan 2022 12:12:33 GMT
server: cloudflare
age: 4946
etag: W/"61f7d231-235"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oA4GTXgFfSGdzQeY6sVbCkVZg3UG%2Fqg%2FVsXFel0aUH5LltP4AZrkhfosA9v1huT6Zj1bd8yFYwEK7duLC3AeARqhHy2cmnIpFnI1K3%2BH%2FtdW%2FDCzRmmnOAv1L4OMNd5EGJWm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aed8e0c68ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.magnificpopup.min.css
capitolcanary.com/wp-content/plugins/bb-plugin/css/ 6 KB
2 KB 87ms
84ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.5.5.5
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Sep 2022 16:29:49 GMT
server: cloudflare
age: 50904
etag: W/"6318c6fd-169c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbF6uDsTEcyJcp6nLdQ6Zz88iCUzHH7DnAoBFOReDGBl5feAnjtSP5dmp4ENEIJKgZvotx9cUA2iGOELkzznnSqrsGEPpJHgDxNx%2BeKQP8BHsA4oyKnhuD2p63RjU1H1y7a8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aedbe5268ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap-4.min.css
capitolcanary.com/wp-content/themes/bb-theme/css/ 158 KB
25 KB 145ms
142ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=1.7.11
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af5133459a08aaab60f1340c731b242ee78b77d9143f76c47101c04dc900d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Apr 2022 20:52:25 GMT
server: cloudflare
age: 167179
etag: W/"62670a09-278b4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDgMLjfhofuAf5dJPcjBBwUSPoahMdtv%2B5aD1uUVivtct%2BVAMqi8CYYzbkXRaYGtdzbRlFapXHePHrszUgFousLPM5z%2BPLxDOiRhwVu99xnIKtO2PXFG%2F4HE%2FO4NTAbF1WG6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aedbe5668ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 skin-63127cc00ea28.css
capitolcanary.com/wp-content/uploads/bb-theme/ 73 KB
10 KB 144ms
142ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-theme/skin-63127cc00ea28.css?ver=1.7.11
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1b277f5f04deff0a69474f2616c18775058f967f7b9e8dea7b27c0aca9bd6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Sep 2022 21:59:28 GMT
server: cloudflare
age: 4946
etag: W/"63127cc0-12542"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJ9vQxLy%2Ba8fiyjP0boVXkR9k3v8qVi%2Bt6MSWN0lJiMx32HMnZz7b1Cl6%2F8eXODvSsHGQx%2BugL201ynO2nkTDAqVoQ6E52tW%2FF4Gvv8uKYlgNF2N%2FO%2F%2FA8Ey6PgtAXqAWYIW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aedbe5968ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
capitolcanary.com/wp-content/themes/capitol-canary/ 90 KB
13 KB 130ms
128ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/capitol-canary/style.css?ver=6.0.2
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e95a78edf0c7565f3f43777ed485a6e3370fa00b3df141fad921ad45158eeac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 14:52:09 GMT
server: cloudflare
age: 4946
etag: W/"630f7599-169b1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yj8ncxZbwOGoSAFIocwGOPPp7NAXetqe%2B154OSvlx0dp5GOVpvSMxxlN43pkhTJZDnFFCRKVSz%2Ff4re1VrtceXVz8Mjb%2B4sQrgAxtr2B8X4NGFNp2b0IFWmCASxF1Xdc9H0u"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aedbe5a68ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.6.0.min.js Show response
capitolcanary.com/wp-content/themes/capitol-canary/js/ 87 KB
32 KB 131ms
129ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/capitol-canary/js/jquery-3.6.0.min.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Mar 2022 15:19:19 GMT
server: cloudflare
age: 7436
etag: W/"622b6877-15d9d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKPc2kdG%2FVX3%2FVDI%2BMqkoSwByLTTbsN%2FYh4%2BLkjLlHR4vVf9aw7dbCvDSYsMsQOOzaC78TWUFZAZdu9OrAytYyoraLoDXoEIVi3LgCkPZqE%2FA5LE1jK3A1QC%2Fn3tBPamtLov"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aedbe5d68ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 imagesloaded.min.js Show response
capitolcanary.com/wp-includes/js/ 5 KB
2 KB 85ms
83ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/js/imagesloaded.min.js?ver=6.0.2
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 Jan 2022 12:12:25 GMT
server: cloudflare
age: 252318
etag: W/"61f7d229-15fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcJKa3f54ktFZ04O2TL9%2F2nNPzw1wCU77Z3jgQVD%2FELkiN68i6xZnUyK3ybyb3UBskSy9cuzSYPbOcn78oqQy1yH7rboBoA0bvEvSXC8GEmujw%2BqxQ5aItbxcNSmYatkfoVf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24aedbe5e68ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 171 KB
64 KB 77ms
32ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MR1REW8MSK

Requested by

Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d2815b39a4a2e55fe5ddf10e788f5dc595b9146c50ad7ffba59076a1c42fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64845
x-xss-protection: 0
expires: Thu, 15 Sep 2022 15:11:03 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 105 KB
41 KB 91ms
34ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-MDVLCWQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

539aff846b53091b87d529c32adb7793b802220256609c3a260971dafc8e7481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41659
x-xss-protection: 0
expires: Thu, 15 Sep 2022 15:11:03 GMT

GET
H3 200 header_capitol_canary_logo.svg
capitolcanary.com/wp-content/uploads/2021/12/ 13 KB
5 KB 39ms
36ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capitolcanary.com/wp-content/uploads/2021/12/header_capitol_canary_logo.svg
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 581a118e4a2b33f2d2738b1e0a946a0223e9e6d0bcc579463148d6ea1d089cf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 Jan 2022 12:12:27 GMT
server: cloudflare
age: 53425
etag: W/"61f7d22b-32b2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MU1FbqAUwwGG%2BEoNCiDpszKhY2WyCFBwOxPFpgseExTQZHMshlqyG9obJpJB03KaL8WFHWKjzb%2FpBPegAPkkLA%2FNW60mjC1NMhskDen8qmdiGNYS9KuwY0B%2FwO9xtZp2e739"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c93918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 forms2.min.js Show response
app-sj20.marketo.com/js/forms2/js/ 208 KB
69 KB 362ms
35ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2022 04:25:19 GMT
server: cloudflare
age: 3838
etag: "1121612-33e56-5e7316b14b766"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 74b24af35fe76933-FRA
expires: Thu, 15 Sep 2022 19:11:04 GMT

GET
H3 200 footer_capitol_canary_icon.svg
capitolcanary.com/wp-content/uploads/2021/12/ 422 B
773 B 92ms
89ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capitolcanary.com/wp-content/uploads/2021/12/footer_capitol_canary_icon.svg
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b8acc0c1a541b4572172f8c39ff60f586962fa6bb9f1edd840d1d77da1d3818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 Jan 2022 12:12:27 GMT
server: cloudflare
age: 53425
etag: W/"61f7d22b-1a6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ES6n4nHnqAHXOexhiVW%2BqBjc%2FvYFOolHO3u7u8O8JIywGIMbISjjkEaKmCwBY5PYKO7%2FKHY0cVLdEBMyYTqtAnZLtEXW4GgT1V1QO7ZLSi0kdZ%2Ft8Z%2FrkWksjVw6seGmwbPN"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c96918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
1 KB 78ms
37ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,700;1,400;1,700&family=Montserrat:ital,wght@0,400;0,600;1,400;1,600&display=swap

Requested by

Host: capitolcanary.com
URL: https://capitolcanary.com/wp-content/themes/capitol-canary/style.css?ver=6.0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ef3a96924cdd39f4ebd6efe627eab4d9ad621850e29abcc0b8b6d65cbe95268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/wp-content/themes/capitol-canary/style.css?ver=6.0.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 15:11:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 15:11:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 15:11:03 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 526ms
162ms Script
application/x-javascript 13.227.73.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.73.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-73-29.sfo20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 15:08:26 GMT
Via: 1.1 837cef1564d25613f261adcf22ed5632.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 159
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: SFO20-C1
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: _FzOGyqO25zU-aesXkmDY44w_evQWP3GLmOKasZWUOpZoZ3QEBR-9A==

GET
H3 200 18905-layout.js Show response
capitolcanary.com/wp-content/uploads/bb-plugin/cache/ 31 KB
9 KB 596ms
595ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-plugin/cache/18905-layout.js?ver=db7e8bce656cd507a078f3470c5b82bb
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b423a0123fcab2438d70ce28a79c637526d650b9313a4d88b9ae3b9c450230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 07 Sep 2022 16:32:28 GMT
server: cloudflare
etag: W/"6318c79c-7d3f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSqTXNdM2ad5kPYKgJXzdoC2VwkJ3v38cq7HcS0Xl%2FcRY2FRBgN9Lp1%2B1hWgPrVajuki8BpSaP%2BgNEzBgTW0hGRmJAqeCfhSc30%2B6Cz8jzhrJP6%2Fapn38GoNhba3nrlV6nyD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c68918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
capitolcanary.com/wp-content/plugins/contact-form-7/includes/swv/js/ 9 KB
3 KB 600ms
596ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 02 Sep 2022 12:22:51 GMT
server: cloudflare
etag: W/"6311f59b-25d0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsC%2BNRsc7Ntp4fuIc44OixmapS7SR%2Fh9MoccUYWb0DQkTGoUp2GHCGSdO%2BWXML0TPum%2FYKo2PUTgsRPuA%2BbSY9MsIQDhqhqj5qIgtB8sLzCQIwYVrHBuJx32KqJ610d0KQ4o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c72918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
capitolcanary.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 607ms
603ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 02 Sep 2022 12:22:51 GMT
server: cloudflare
etag: W/"6311f59b-2fb3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzGKYZMToCyt5RZm%2FuJebktm2flffbS68onnmOFg1s4xnuW%2FqkWWaeEXZZS3O9O6S4ridPdQvqkN9s3MSNp%2FwaXD8bs3L0PDTk0pdWSPnuZljtTpo%2FRv8vWEXOgSj5bBwx66"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c74918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 longdesc.button.js Show response
capitolcanary.com/wp-content/plugins/wp-accessibility/js/ 3 KB
1 KB 601ms
597ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-accessibility/js/longdesc.button.js?ver=1.7.10
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44c1e4738705bab988e778131a999b93fd5f1f5f1d815f3bb652c6434fc9c992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Jul 2022 19:10:52 GMT
server: cloudflare
etag: W/"62c33b3c-b57"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1S5B26kgAlMqwCuUSSQ6H%2Bbr4xeH0kdEYPeCu45zz0it3yrZtTHoZ1RguJKeJJN9DOgXIWnMGh%2BJxtxZpb5x%2B7oX9EVpXDR1LApHnr04C9CkfKUMgHtSXUU8FNlgfcya8DFi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c75918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.ba-throttle-debounce.min.js Show response
capitolcanary.com/wp-content/plugins/bb-plugin/js/ 731 B
966 B 32ms
28ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.5
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Sep 2022 16:29:49 GMT
server: cloudflare
age: 53425
etag: W/"6318c6fd-2db"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVLP1WSus8upktbOS7CUtxMXqSIxK84bn7m7z94bru5ibDzESMOJnVMy%2BPUudETKcM1Np19jiDHxWYsJRuSVVXg0twAZQZBEKgEaw4BCigD3Qj5yQ7C3lLao994PEjW9lG2Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c76918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.fitvids.min.js Show response
capitolcanary.com/wp-content/plugins/bb-plugin/js/ 2 KB
1 KB 35ms
31ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Sep 2022 16:29:49 GMT
server: cloudflare
age: 53425
etag: W/"6318c6fd-6f6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOAahOigcobI%2F7yn2S%2F0PU6FlJNMCHFJqoS76SaES446I8SxdmoJ8RPn8XOqZlRkNS1uNktG2oR9czIL4MJbSXCMgYNxzBKal93eJk2kRObsSDQDLA1dAQpvmquxJmGbd8uC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c79918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js_cookie.js Show response
capitolcanary.com/wp-content/plugins/bb-ultimate-addon/modules/modal-popup/js/ 4 KB
2 KB 77ms
73ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-ultimate-addon/modules/modal-popup/js/js_cookie.js?ver=6.0.2
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f85f9f44568e096e459e14198c1600cb30afccaf85d181e034c340154e11772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Sep 2022 16:29:52 GMT
server: cloudflare
age: 162450
etag: W/"6318c700-e70"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2jZUKZJbVGU98koyY4KENVzjDKYurOXLwVM6B4PG1AMlOJdlTmwgssKEfKBRFZclbKt77jVYi4TzQuZo0o8yK6xZT6An5McfJ9IeRY%2F%2Folkx%2B24Sb9nEF98iVILBHR%2B6tyI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c7d918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 c7778da363908c365893d6865f5f6bcb-layout-bundle.js Show response
capitolcanary.com/wp-content/uploads/bb-plugin/cache/ 82 KB
13 KB 602ms
598ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-plugin/cache/c7778da363908c365893d6865f5f6bcb-layout-bundle.js?ver=2.5.5.5-1.4.3.2
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0fb597c967296a3b83f913d20609d2c1606fe1a2ffd9396ab3a21f0d85825e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 07 Sep 2022 16:30:25 GMT
server: cloudflare
etag: W/"6318c721-14910"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGO0U8hmdf3HwG3SCQkICSY5iQW5gBa%2BT%2FtmXnjr7t4PK%2Bj30N%2FVc9UzaFhui4TrMzIirh2o%2FQK4v8ZDLzf6DJ5%2FxiITRFFvxG4dRojXBHvXZAdKPHpb1Hwx7%2BNPVpRlB0zN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c7e918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 scripts.js Show response
capitolcanary.com/wp-content/themes/capitol-canary/js/ 3 KB
1 KB 62ms
58ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/capitol-canary/js/scripts.js?ver=1.0
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698cd435eec4c16ebf0fc24cf4dd5aca96d7b96a1b017742f5a98b403a4a6b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 16:27:43 GMT
server: cloudflare
age: 7433
etag: W/"62b5e5ff-a99"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsBQMrvs9bl%2Fol8Rs6fQ2li%2FpcZsY7ZmtqMfySIhb%2BCywPzS1IE%2BbxWFYadJgzCcgJd9bFbWwbVwcfYmd6VQwNOAmssoA%2B%2FRTIwnMm68xSQpphHaa5jWXYY81xtzvTT%2BQYKv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c80918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dflip.min.js Show response
capitolcanary.com/wp-content/plugins/dflip/assets/js/ 125 KB
40 KB 63ms
59ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/dflip/assets/js/dflip.min.js?ver=1.7.32
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89883270ecd3fd6c1f20edf2008ed776a34c017f95ce34ccf1568c900c302474

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Jul 2022 19:10:48 GMT
server: cloudflare
age: 59744
etag: W/"62c33b38-1f586"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jA3NQsh3vmclJCHSlhkwD2c%2BCDLKloyuO6JoJ2siUmZ7pyeMQuIn0JLhC03h2tFOPafa%2FXbepfKx621U5ECVS5SSO5F8bPE7CmqA05YZ1C2nXMuzzcAuylT4JrItvn8Fuqml"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c83918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 smush-lazy-load.min.js Show response
capitolcanary.com/wp-content/plugins/wp-smush-pro/app/assets/js/ 8 KB
4 KB 78ms
74ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.11.1
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Aug 2022 17:36:53 GMT
server: cloudflare
age: 223399
etag: W/"6303beb5-1eee"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQBTwsn8PS2sYVbGWYg1c0svfVVc%2FPoa78CTPx4u53RUYZ4u9hR2DryaDl5dLRaLKsTeLVBWPinOIZb2chesGQjERXeZxctLVi8JqNdu4q%2FLKCLIOT8LZATABGQ5gtz4NxWO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c86918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wp-accessibility.js Show response
capitolcanary.com/wp-content/plugins/wp-accessibility/js/ 2 KB
1 KB 40ms
36ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-accessibility/js/wp-accessibility.js?ver=1.0.3
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6b5a31adfee118c8237eff15320c8597bffdcc74c24c78f15a84c21ebdb4df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Jul 2022 19:10:52 GMT
server: cloudflare
age: 69056
etag: W/"62c33b3c-6e7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzdr02JR5Wn4rlw2PwguTGQLfE%2BOeTQinJV5CUx0VrDzEdZXUK7TdVRqY5twTv%2BNl2zA1%2F1bmB8zJ7%2Bc5CvN%2BDFiMay72rmDtO3vqSttxx9q1b18KZAS2yLQQgzKy2648OU4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c89918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.magnificpopup.min.js Show response
capitolcanary.com/wp-content/plugins/bb-plugin/js/ 19 KB
8 KB 40ms
37ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.5.5.5
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bfcec07978309844d788b4ade223b49ba0be250c0da82fa94d7477842db1e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Sep 2022 16:29:49 GMT
server: cloudflare
age: 50886
etag: W/"6318c6fd-4da3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5wOqNmHQ3dDHpwbnttumwqdDSH5Iey8aUNNEcpXPt7lsFx8TKLlzn40BwPVKCe2kCq5XuqFKD4Bg7pH1vpneal4%2BNE8p4Dtw%2B7OJ5ft%2FRiIRcSPCC59jvnbh%2FrkBjZOrwNc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c8a918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bootstrap-4.min.js Show response
capitolcanary.com/wp-content/themes/bb-theme/js/ 61 KB
16 KB 79ms
75ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.11
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5d1ee4046ceeb81d3e43309d053b423b87018e60c4cf0dd8ee7c5d3e9e90465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Apr 2022 20:52:25 GMT
server: cloudflare
age: 53425
etag: W/"62670a09-f3bf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoG3CGc09cchk9MdHADKl41F08urtve9qhd8URFUzp2TfwhMaRz1J5%2Fv1IG%2FBOxLfFNFjJDxzORnSc0B1AzVrPxp3z4FkE9uFd70TiQb71Zcp6E8EttIz6FupFO5bcdcWrxb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c8c918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 theme.min.js Show response
capitolcanary.com/wp-content/themes/bb-theme/js/ 22 KB
6 KB 92ms
89ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.11
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a478b48c8e190782382190951e6410356f384923c3c79e0470935cde4bbdfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Apr 2022 20:52:25 GMT
server: cloudflare
age: 223399
etag: W/"62670a09-5902"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHYdz0kk528ejcKLzjvxAs%2FDI5rfn2lgjYbX9Is0cqLV%2BLrx0ABD0llauFU1D7DmhgJxNVhxyclguzACt52HT2hr3fp%2BPAbkTkgsCTLQU6PVlEtwKN60vgvtYcS5TI8AugOr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c8d918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 helper.min.js Show response
capitolcanary.com/wp-content/plugins/optinmonster/assets/dist/js/ 2 KB
1 KB 38ms
34ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/optinmonster/assets/dist/js/helper.min.js?ver=2.10.0
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 858a82228958a3c8de474987772f997f6feeab666d6a34ac740b01fe81f69cac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Sep 2022 14:03:33 GMT
server: cloudflare
age: 73414
etag: W/"6321df35-883"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kz3xpwZMQJwREKxgVoCFVM4fY9gVtfQVxABPYIhBi7ayjSGXG%2Bkmn2sRNvBa0AyaJ%2Fb7yWMHAPMTgCsbZxX7g4OgFIUazvCuyu39MooXw1RZj0mKOqjxUFbcUXxTGzNnu8RW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c90918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 lazyload.min.js Show response
capitolcanary.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 93ms
90ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Sep 2022 12:22:54 GMT
server: cloudflare
age: 223399
etag: W/"6311f59e-2063"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktAlFMNEmu%2BnFV1V%2FoB5R1SUiWW1N43nlrvWTq%2BGK7W7Fzz7U0zNTAlecTQ5jZ8m3QOPRHWXwUmJHlGB9gXKzVkuwl1lmkBn%2FFXE38flJH9XxRBWgyk6r7gTetjGaEYFG5ZJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74b24af18c9d918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fapv5tguvsk6.js Show response
js.driftt.com/include/1663254900000/ 211 KB
60 KB 263ms
167ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1663254900000/fapv5tguvsk6.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9355d473ab5d34051c509a59390e426d2216a4b023b648ba640909f83d91b3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Sep 2022 20:33:39 GMT
server: nginx
etag: W/"75bc8aad2aa5afc557a388c8aed55eff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qMjQitaOums6QQtn5w3gjp7SUJDKxbW9
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4k0fALCcw0nsBfD-pGZMzhJdKJwqqE-ggVEleLKyIq6dO0k-5SR3_w==

GET
H2 200 614388d3366fa2001cc5a5fa Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 288ms
224ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/614388d3366fa2001cc5a5fa

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7e24f54da1bb87e345887039266fc4daf031c46cb9db57ec6aad8453228893ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 74b24af1fcc801fc-ZRH
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
via: 1.1 google

GET
H2 200 hotjar-574101.js Show response
static.hotjar.com/c/ 4 KB
3 KB 113ms
48ms Script
application/javascript 13.32.121.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-574101.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-36.fra60.r.cloudfront.net

Software

Resource Hash

bff43b039b0456ba77351fab46b4cda3242b187fd854f1ec49d30fdcc0a9b8b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA60-P1
etag: W/cee8b341e647f9b9148527fa147f417f
strict-transport-security: max-age=604800; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: 01ckrTFvlMv-S9n1l9QwvQDkAuOd7l_nnLLnk2p-m_S-WqfAixEoNw==
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 87ms
23ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 15:11:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 728

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 436ms
107ms Script
text/javascript 54.226.8.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.226.8.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-8-81.compute-1.amazonaws.com
Software: /
Resource Hash: c8a2a5036e3f18e5c502cdcec0a5481743fcc0a9bd1f3657e005d3fbfc024573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Sep 2022 15:11:04 GMT
Content-Encoding: gzip
Cache-Control: max-age=5
transfer-encoding: chunked
Connection: keep-alive
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 171 KB
63 KB 79ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MR1REW8MSK&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-MDVLCWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5748790434e383a3d694458b55bd0de2b51b178b5db5de7efbad79182fef9c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64807
x-xss-protection: 0
expires: Thu, 15 Sep 2022 15:11:03 GMT

GET
H2 200 pixel.js Show response
grow.clearbitjs.com/api/ 2 KB
979 B 300ms
194ms Script
text/javascript 216.24.57.253
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://grow.clearbitjs.com/api/pixel.js?v=1663254663908

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.253 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
date: Thu, 15 Sep 2022 15:11:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cf-ray: 74b24af22c459125-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
86 KB 79ms
65ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

021000be46df0cff2921adb4981e2f9fc60636d9d36e663e1dc9fe900d8bf1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87622
x-xss-protection: 0
expires: Thu, 15 Sep 2022 15:11:03 GMT

GET
H2 200 SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2
fonts.gstatic.com/s/ebgaramond/v26/ 39 KB
40 KB 66ms
16ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,700;1,400;1,700&family=Montserrat:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

306b0d4768246ba448fa14872f6b5d7dcfcf3734fb3c9b68f9041cf86884c6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 05:46:52 GMT
x-content-type-options: nosniff
age: 120251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40144
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:16:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 05:46:52 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 57ms
34ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,700;1,400;1,700&family=Montserrat:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:46:43 GMT
x-content-type-options: nosniff
age: 163460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:46:43 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 27ms
24ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 15:11:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4677
Expires: Sat, 24 Dec 2022 15:11:04 GMT

GET
H2 200 modules.d00377d3a043900eb4ef.js Show response
script.hotjar.com/ 252 KB
65 KB 66ms
19ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d00377d3a043900eb4ef.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-574101.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 13:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93717
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
content-length: 65532
access-control-allow-origin: *
last-modified: Wed, 14 Sep 2022 13:08:33 GMT
etag: "74e062f975f5935c93ae5aff80efbd87"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -ETgG8qcaVYMdSjEru6nE9OlS4e_WMMy9_MdxW4A7FYx0owRLdeKiw==

POST
H/1.1 200
OK visitWebPage
486-vki-494.mktoresp.com/webevents/ 2 B
318 B 1029ms
172ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://486-vki-494.mktoresp.com/webevents/visitWebPage?_mchNc=1663254664053&_mchCn=&_mchId=486-VKI-494&_mchTk=_mch-capitolcanary.com-1663254664052-11440&mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&_mchHo=capitolcanary.com&_mchPo=&_mchRu=%2Ffake-page&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=http%3A%2F%2Fabout2.capitolcanary.com%2F&_mchQp=mkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 15:11:05 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: cb8f9b48-701e-4602-82db-9dbcf0536d9a

POST
H2 204 collect
region1.analytics.google.com/g/ 0
339 B 75ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MR1REW8MSK&gtm=2oe9e0&_p=2111324169&_gaz=1&gdid=dZTNiMT&cid=1320559828.1663254664&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663254664&sct=1&seg=0&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=OPT-MDVLCWQ
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MR1REW8MSK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
348 B 347ms
289ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MR1REW8MSK&cid=1320559828.1663254664&gtm=2oe9e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MR1REW8MSK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 90ms
39ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MR1REW8MSK&cid=1320559828.1663254664&gtm=2oe9e0&aip=1&z=1591226075

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 53 KB
17 KB 384ms
19ms Script
text/javascript 2600:9000:225e:1c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bf08a79b40655c8d77d19af5a176e0173270c34c564c7685493475f2389f1f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-Amz-Version-Id: Vddx38ZQKv1IbZ14KTosCACMGBmCuRF1
Content-Encoding: gzip
Etag: W/"ce41fb88f59dfd9edbd6253effb535a4"
Age: 2951
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Last-Modified: Wed, 07 Sep 2022 21:24:31 GMT
Server: AmazonS3
Date: Thu, 15 Sep 2022 14:21:56 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: jNQOCCY_57fQ5gd2_AMMGbXWP6gbGU4tGCgxuLkh2sGlKAV6c8Qhyw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 65ms
16ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1451ebda73e1fccd65503e67cc03f0ed6cccce3a1602f14b4fd11cf480145b4f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26869
x-xss-protection: 0
pragma: public
x-fb-debug: K2dusA1OBW6Rht3tjUh+jihWUiYgL5EXQzqviZgxIL7eFG+FUK54yv3Y0Br2ne9wAah9OZcnVV20jzxlf0fRPg==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 15 Sep 2022 15:11:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 171ms
105ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Sep 2022 15:11:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 57ms
15ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6906
date: Thu, 15 Sep 2022 13:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 15 Sep 2022 15:15:58 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 109ms
31ms Script
application/x-javascript 2a02:26f0:11a::6867:4868
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4868 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=67116
accept-ranges: bytes
content-length: 3063

GET
H2 200 1425.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 265ms
191ms Script
text/javascript 2606:4700:4400::6812:2437
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1425.js?p=https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&e=

Requested by

Host: about2.capitolcanary.com
URL: http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGG4FCXrOJz3OmWpURrVPNPXzPC_XViAV-lJ_1KMqrGIHXLkNQixr464xJEfIRc5O2seL1E2SE=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2437 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d22b9e12-2230-458b-bb81-4727482bf5d3
x-runtime: 0.006190
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
x-download-options: noopen
strict-transport-security: max-age=604800
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-ray: 74b24af3ed14cc62-ZRH

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
73 KB 72ms
33ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-80CPFVSEDB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

943a999ed495950eddd1f4f5619d858a3d88ddb88ec591e75eaa1ad5e6bc4111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74735
x-xss-protection: 0
expires: Thu, 15 Sep 2022 15:11:04 GMT

GET
H2 200 data.js Show response
tags.clickagy.com/ 38 KB
14 KB 111ms
57ms Script
application/javascript 2606:4700::6812:1fcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by: Host: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/614388d3366fa2001cc5a5fa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1fcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f036563446cf05e238dc8eba66197fd0e3acd75f906eb7417760b847a71699c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 45330
cf-ray: 74b24af3eb4201db-ZRH
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 22 Jul 2022 16:26:09 GMT
server: cloudflare
etag: W/"6a28c0e399c6dfbaad6af28ce1c365da"
vary: Accept-Encoding
x-amz-version-id: 1Nhx_Y67e6VXTMzzl68Z79su8AQ8v6Fp
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-type: application/javascript
x-amz-cf-id: mmUWuy7EoQDhoI7DZ3Z34E5259smJJPpX-hafRY7ktl8AAUQT3dGFQ==

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 60ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-80CPFVSEDB&gtm=2oe9e0&_p=2111324169&_gaz=1&cid=1320559828.1663254664&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663254664&sct=1&seg=0&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80CPFVSEDB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 205ms
204ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-80CPFVSEDB&cid=1320559828.1663254664&gtm=2oe9e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80CPFVSEDB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 89ms
54ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-80CPFVSEDB&cid=1320559828.1663254664&gtm=2oe9e0&aip=1&z=1491946495

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 c.gif
grow.clearbitjs.com/api/ 35 B
239 B 286ms
261ms Image
image/gif 216.24.57.253
RENDER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grow.clearbitjs.com/api/c.gif?r=https%3A%2F%2Fcapitolcanary.com%2Ffake-page&c=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.24.57.253 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
date: Thu, 15 Sep 2022 15:11:04 GMT
vary: Accept-Encoding
content-type: image/gif
cf-ray: 74b24af3c8c46933-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 36ms
16ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.81

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: JOpNvHQFA74XfHSx0VaBoWnbSPwOPllR2m8BRbc+Sh0STXiiIPImadjujtSEOKHiQuQXnf0GnHAaaOGTgQA1Vw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 15 Sep 2022 15:11:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 656507917815711 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 241ms
222ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/656507917815711?v=2.9.81&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e98837865b2761c929953b75932081ba48ddc8faff2c357592e60838551f6481

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: jRK7X7OdtHJapE7yWc6Nc5Vqrp2WiKAL49nRmEaw/f0ltdNGDzFsbZ72UKD4ZRgZnIvlxdxE5rHA+8irIUe6xA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 15 Sep 2022 15:11:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 getForm Show response
app-sj20.marketo.com/index.php/form/ 8 KB
2 KB 136ms
134ms Script
application/javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-sj20.marketo.com/index.php/form/getForm?munchkinId=486-VKI-494&form=2574&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page&callback=jQuery112408621406945418484_1663254664263&_=1663254664264
Requested by: Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9df1ec2073602e65dfca1b750708bf12fabf11be7f6a6c77a489eb8e61de4d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: gzip
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b24af3c8c36933-FRA
cached: true
content-type: application/javascript; charset=utf-8

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1663254664331&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4Z...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D45840%26time%3D1663254664331%26url%3Dhttps%253A%252F%252Fcapitolcanary.com%252Ffa...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1663254664331&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4Z...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1663254664331&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4...

0
264 B

169ms
117ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1663254664331&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&liSync=true&e_ipv6=AQLapzRyMcjHUgAAAYNBtBYYgpwwkW3Ryj1jyrLA1CsLKZIZlf3XDQAwmmI-_IteUgw4lqnyzNHNVw0P_eZs8Iz6HPj44Q
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 00E87E7A6BE74ABF8A0B6A35D1E5EA11 Ref B: FRAEDGE1107 Ref C: 2022-09-15T15:11:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXouKd4t8x43JOl/UKdPQ==
x-li-fabric: prod-lva1

Redirect headers

date: Thu, 15 Sep 2022 15:11:03 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8683D1BD579F43378A936804A385E0A4 Ref B: FRAEDGE1418 Ref C: 2022-09-15T15:11:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1663254664331&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&liSync=true&e_ipv6=AQLapzRyMcjHUgAAAYNBtBYYgpwwkW3Ryj1jyrLA1CsLKZIZlf3XDQAwmmI-_IteUgw4lqnyzNHNVw0P_eZs8Iz6HPj44Q
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXouKd2GCDHDeAoxftVCQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 59ms
22ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2111324169&t=pageview&_s=1&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&ul=en-us&de=UTF-8&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=184675788&gjid=1264404151&cid=1320559828.1663254664&tid=UA-33465110-1&_gid=460910986.1663254664&_r=1&gtm=2wg9e0TS9B9K9&z=1229911104

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 107ms
106ms Stylesheet
text/css 54.226.8.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.226.8.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-8-81.compute-1.amazonaws.com
Software: /
Resource Hash: 7be2d7ed2b898c81c831a0c33ab73638a50f2e7d277eda934c291f787d354c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Sep 2022 15:11:04 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 431ms
110ms Fetch
image/jpeg 54.226.8.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.226.8.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-8-81.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Sep 2022 15:11:04 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976554992/ 3 KB
2 KB 106ms
65ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976554992/?random=1663254664353&cv=9&fst=1663254664353&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&ref=http%3A%2F%2Fabout2.capitolcanary.com%2F&tiba=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&auid=837302632.1663254664&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

947e1a412a7029adb192c13ccfcfc4954e27db255a68bbf67271e3fc1a98c3a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1168
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
507 B 346ms
116ms XHR
application/json 3.220.203.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.203.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-203-163.compute-1.amazonaws.com
Software: Aorta/20220914.6ce81c6e5 /
Resource Hash: 2e73b2629357dc519ea2cc71b696a6d4395e3d00205b9af0ec1f1074adfbebaf

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: gzip
server: Aorta/20220914.6ce81c6e5
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://capitolcanary.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: e32467718d7b
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 82

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
327 B 361ms
119ms XHR
text/plain 18.235.90.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.90.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-90-40.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://capitolcanary.com
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

GET
H2

200

51557
stags.bluekai.com/site/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag
https://stags.bluekai.com/site/51557?id=c:35aa95378d31dbdc7e203461627337ee&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1

62 B
227 B

360ms
223ms

Image
image/gif

104.96.159.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/51557?id=c:35aa95378d31dbdc7e203461627337ee&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Server: 104.96.159.57 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-159-57.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:05 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

Redirect headers

date: Thu, 15 Sep 2022 15:11:04 GMT
server: Aorta/20220914.6ce81c6e5
location: https://stags.bluekai.com/site/51557?id=c:35aa95378d31dbdc7e203461627337ee&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D122%26cm%3D$_BK_UUID&BKUUID=$_BK_UUID&limit=1
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 7889f2a9a825
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2

451

711861.gif
id.rlcdn.com/
Redirect Chain

https://aorta.clickagy.com/liveramp_redir
https://id.rlcdn.com/711861.gif

0
98 B

107ms
40ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711861.gif
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 15 Sep 2022 15:11:04 GMT
server: Aorta/20220914.6ce81c6e5
location: https://id.rlcdn.com/711861.gif
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 2c16e7836acd
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 40ms
40ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-33465110-1&cid=1320559828.1663254664&jid=184675788&gjid=1264404151&_gid=460910986.1663254664&_u=YADAAEAAAAAAAC~&z=227124892

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 15 Sep 2022 15:11:04 GMT
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 forms2.css
app-sj20.marketo.com/js/forms2/css/ 13 KB
3 KB 41ms
40ms Stylesheet
text/css 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 18:54:37 GMT
server: cloudflare
age: 4505
etag: "7c03c7-3437-5e66047a81540"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74b24af4ba7a6933-FRA
content-length: 2623
expires: Thu, 15 Sep 2022 19:11:04 GMT

GET
H2 200 forms2-theme-plain.css
app-sj20.marketo.com/js/forms2/css/ 828 B
402 B 783ms
783ms Stylesheet
text/css 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Aug 2022 18:54:37 GMT
server: cloudflare
etag: "1120044-33c-5e66047a81540"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
strict-transport-security: max-age=63113904
accept-ranges: bytes
cf-ray: 74b24af4ba7c6933-FRA
content-length: 246
expires: Thu, 15 Sep 2022 19:11:05 GMT

GET
H2 200 plugin.min.js Show response
pathmonk-lib.pathmonk.com/plugin/ 28 KB
10 KB 88ms
17ms Script
application/javascript 2600:9000:2240:7000:5:b2d2:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pathmonk-lib.pathmonk.com/plugin/plugin.min.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:7000:5:b2d2:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f575d629b539dfe8d8925621fa60729e64e64ae2a6ca371c215d560710bb61f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: Vu6xiGVOlGJHKnzyeS1jAfdyOn_oB8_e
content-encoding: gzip
last-modified: Fri, 20 May 2022 21:40:25 GMT
server: AmazonS3
age: 22966
etag: W/"484cb233926da7d2db76e6e88989a775"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
cache-control: public, max-age=27200
date: Thu, 15 Sep 2022 08:48:19 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: pugNKW69-BXyA6E4zfvnL1pxh3YGHHOaWbyFXqEr9sR7d92X8via4A==

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 138 KB
42 KB 136ms
40ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 8ed0cf160f028d85bf93923fb8db62e21e060f2d25c0d7993a61685d1752c67c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 09/12/2022 17:13:43
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id: XJYTGJ70YXSQWQ9G
x-amz-id-2: CWgF+lhbY7Gi+fKrLh01senwr/fQ5dhmQUp60tpO03wV7KM3st2uSS6fwzVNQpIFk4KuxQ2qiuo=
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 17:13:35 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"3820a63294d5f90189b74664d6ee5172"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: 6f1f0b5dfd4ff321023c27622edb63cf
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 86ms
48ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-33465110-1&cid=1320559828.1663254664&jid=184675788&_u=YADAAEAAAAAAAC~&z=1573373237

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-33465110-1&cid=1320559828.1663254664&jid=184675788&_u=YADAAEAAAAAAAC~&z=1573373237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/976554992/ 42 B
548 B 46ms
33ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976554992/?random=1663254664353&cv=9&fst=1663254000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&ref=http%3A%2F%2Fabout2.capitolcanary.com%2F&tiba=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&async=1&fmt=3&is_vtc=1&random=2469554872&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/976554992/ 42 B
64 B 30ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976554992/?random=1663254664353&cv=9&fst=1663254000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&ref=http%3A%2F%2Fabout2.capitolcanary.com%2F&tiba=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&async=1&fmt=3&is_vtc=1&random=2469554872&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/HVQJW343KJAW7GWROKSEFP/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

16ms
16ms

Script
application/javascript

2600:9000:225e:1c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: HTTP/1.1
Server: 2600:9000:225e:1c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-Amz-Version-Id: VS8aSrwndm.MeiNnyJ10ruHH56v74CIF
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 46903
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 28
Last-Modified: Fri, 02 Sep 2022 17:25:28 GMT
Server: AmazonS3
Date: Thu, 15 Sep 2022 02:09:23 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: j_aCMWYhW1qwl1DlMU2u8nzaHdZ2XyUBB3C_-2mo8F7d_s-7MCzRwg==

Redirect headers

Date: Wed, 14 Sep 2022 22:17:48 GMT
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Age: 60795
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: P4prOWl1TZHw8V-ykvyAUXKOHtvrTwFdVH19AMk0uwPpoPPiyI5sjQ==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/HVQJW343KJAW7GWROKSEFP/YGAVJIE2WNDOJEE5TBNPGO/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

17ms
17ms

Script
application/javascript

2600:9000:225e:1c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: HTTP/1.1
Server: 2600:9000:225e:1c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 50316
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Thu, 15 Sep 2022 01:12:29 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: wNRSYglKmUo975jPCsGP7EYMDhx_2AUcDqJtJVwAOySfiTefx6jFSw==

Redirect headers

Date: Wed, 14 Sep 2022 22:17:49 GMT
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Age: 60795
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 6134wFdon-wVMUHxk_JWiv79T4T_QA1MgCOirl2ZcCY5yx3CHuqR4A==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HVQJW343KJAW7GWROKSEFP/YGAVJIE2WNDOJEE5TBNPGO/ 4 KB
3 KB 653ms
618ms Script
text/javascript 2600:9000:225e:1c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HVQJW343KJAW7GWROKSEFP/YGAVJIE2WNDOJEE5TBNPGO/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-Amz-Version-Id: .qpUy0sRgKhp2GtJqixiEI8j0mOnLGx3
Content-Encoding: gzip
Etag: W/"33ed216ef4569e95a97e55fb39d91d38"
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Mon, 12 Sep 2022 17:17:43 GMT
Server: AmazonS3
Date: Thu, 15 Sep 2022 15:11:06 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: k8CzLfp3yN8m8vlW64s6Op3abgwulpdZi3eTNF2gUYUH0Ai-4qSBEA==

GET
H2 200 mobile_detector.js Show response
pathmonk-lib.pathmonk.com/plugin/ 38 KB
16 KB 33ms
32ms Script
application/javascript 2600:9000:2240:7000:5:b2d2:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pathmonk-lib.pathmonk.com/plugin/mobile_detector.js
Requested by: Host: pathmonk-lib.pathmonk.com
URL: https://pathmonk-lib.pathmonk.com/plugin/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:7000:5:b2d2:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 297b11b73f279cda0fd0e85dff57794632a55303e6a08fa2b8b4fd03df1a2030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: OZWfKrwCxc_Os9OoLN_cnSURFf4zZK4N
content-encoding: gzip
last-modified: Mon, 14 Sep 2020 13:04:37 GMT
server: AmazonS3
age: 41652
etag: W/"341460b9e47d0a286138c94d2601b2a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
cache-control: public, max-age=172800
date: Thu, 15 Sep 2022 03:44:35 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: z0PmndssJ686LGtmO3nSnFyHEnTI18O274gPQtIwJCpFoxM_m6uPNw==

GET
H2 200 core Show response
js.driftt.com/ Frame B59D 2 KB
1 KB 130ms
129ms Document
text/html 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1663254900000/fapv5tguvsk6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

461d0d61f20b966efed9a0934044786d247e2d0fc92ffc9a9b11e3f662ed8077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 15 Sep 2022 15:11:04 GMT
etag: W/"497645b70f0aa8ac6aa5f2571edff891"
last-modified: Wed, 14 Sep 2022 20:33:30 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-id: kk1pldslXRHvSRU5IrnqsB_pfrcId9BCSN_0nArDI5j9J5GUgb8qwQ==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: 1I7Ta2WRoPu_7s3AoxQYq00cLmUAO2sw
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 3360 2 KB
1 KB 90ms
88ms Document
text/html 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1663254900000/fapv5tguvsk6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

461d0d61f20b966efed9a0934044786d247e2d0fc92ffc9a9b11e3f662ed8077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 15 Sep 2022 15:11:04 GMT
etag: W/"497645b70f0aa8ac6aa5f2571edff891"
last-modified: Wed, 14 Sep 2022 20:33:30 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-id: jw_BUTtIXg7EZWAWvgM2_lMQJVcchYk2pPD47JrR3W6plA_DR5SYYw==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: 1I7Ta2WRoPu_7s3AoxQYq00cLmUAO2sw
x-cache: Hit from cloudfront

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 64ms
19ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=656507917815711&ev=PageView&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&rl=http%3A%2F%2Fabout2.capitolcanary.com%2F&if=false&ts=1663254664585&sw=1600&sh=1200&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.1.1663254664584.666456808&it=1663254664256&coo=false&dpo=&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 15 Sep 2022 15:11:04 GMT

GET
H2 200 t.js Show response
wec-assets.terminus.services/258f71bf-a18a-4aa1-8bbb-686b534a4d71/ 38 KB
11 KB 445ms
391ms Script
application/javascript 18.66.122.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wec-assets.terminus.services/258f71bf-a18a-4aa1-8bbb-686b534a4d71/t.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-59.fra60.r.cloudfront.net

Software

Resource Hash

58ea8b29d6afc005b192346e10f8c92f40f4c7ce3e73596a40f7b9860e970269

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
strict-transport-security: max-age=31536000
content-encoding: gzip
x-amz-cf-id: Y8g8GDYWlojfEAjEKF0PnwjKMsLj0MYli14mDotyFweuduiKio5_Eg==

GET
H2 200 desktop.style.min.css
pathmonk-lib.pathmonk.com/plugin/ 3 KB
1 KB 20ms
19ms Stylesheet
text/css 2600:9000:2240:7000:5:b2d2:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pathmonk-lib.pathmonk.com/plugin/desktop.style.min.css
Requested by: Host: pathmonk-lib.pathmonk.com
URL: https://pathmonk-lib.pathmonk.com/plugin/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:7000:5:b2d2:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cfe027020696c17e347c93e23e60de05056c2b7c6763bb31e168f073d8dd421a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: i6ezVrwTfinpv28qCr2kzTm94RcH7WHs
content-encoding: gzip
last-modified: Fri, 06 Nov 2020 12:05:54 GMT
server: AmazonS3
age: 6305
etag: W/"6dac2c07fa2d93d4adf3b6fb97aee04c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
cache-control: public, max-age=7200
date: Thu, 15 Sep 2022 13:26:00 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 1MtW2HEqXwn4gTkpfeJikFP21Uuhzkd-yruVJyHTnEbzG9TNFsV_oA==

GET
H2 200 desktop.lib.min.js Show response
pathmonk-lib.pathmonk.com/plugin/ 7 KB
2 KB 19ms
19ms Script
application/javascript 2600:9000:2240:7000:5:b2d2:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pathmonk-lib.pathmonk.com/plugin/desktop.lib.min.js
Requested by: Host: pathmonk-lib.pathmonk.com
URL: https://pathmonk-lib.pathmonk.com/plugin/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:7000:5:b2d2:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d8f9f49d3876ee779a842453bf2fce64102ebb39ee06b87018573b41d6458e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: EO_ttkYh84fG4yT8bAr65N3qYMTsZKpU
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:19:19 GMT
server: AmazonS3
age: 23973
etag: W/"51708e6336366f3b1c98e5fea861f122"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
cache-control: public, max-age=27200
date: Thu, 15 Sep 2022 08:31:44 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: LFHgdBt-0U2pv0PpAF1q_e47rQIT_KbYb-BZdBUH3OYyIN631BiMiQ==

GET
H2 200 HVQJW343KJAW7GWROKSEFP Show response
d.adroll.com/consent/check/ 439 B
532 B 168ms
42ms Script
application/javascript 54.194.161.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HVQJW343KJAW7GWROKSEFP?arrfrr=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&_s=5bb3ee89c488c9ed5769198d10fafd28&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.161.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-161-205.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 4b72638b6211bb2815e7a7eb4baa0ff7f857e55cd26e771f532642ea43caba3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
server: nginx/1.20.0
content-length: 439
content-type: application/javascript

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 2F00 2 KB
1 KB 81ms
16ms Document
text/html 18.66.147.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-574101.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-116.fra60.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 712437
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-cf-id: n2QqZybz_hG1jvNf7jL90AwMPrpO_jqY8wfTeHIiy7b16DKCS4c2Sw==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 27ms
26ms Stylesheet
text/css 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 09/12/2022 17:13:44
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id: XDTQYB3M3AJ8TN27
x-amz-id-2: vz70+bisFxzRQ71j/WiP7OfMosGdiEmFDc1r6ZnXH5Slm/ZK6UfxRfA+TXpNb7PI0ZNqMh/qQBc=
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 17:13:35 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"fdfc47d7f4872c3530f2516e9f42a6ed"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: 01b740bbdda2b2207e7da5f7e1ef4725
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 i57yvi9bgc3xiejmfo5p Show response
api.omappapi.com/v2/embed/45819/ 3 KB
2 KB 188ms
106ms XHR
application/json 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/45819/i57yvi9bgc3xiejmfo5p
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 22d169a779bcd36a7756ae01d40f9e0436ce65d6831068f496dd7ce574425dc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:10:56 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-campaign: i57yvi9bgc3xiejmfo5p
x-user-agent: standard--
last-modified: Fri, 24 Jun 2022 13:02:56 GMT
server: Pagely Gateway/1.5.1
etag: W/"dfa5b95a73f96cd170b7e3169240f8bb"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin: *
x-amz-cf-id: 75SmAOIxrgftY-30gT0VC0IY0Rs_ieGD32_Tc7MRUjaeo8NSqJ0lEA==
expires: Thu, 15 Sep 2022 15:08:37 GMT

GET
H2 200 pn2pvg6l01pvo49mxel3 Show response
api.omappapi.com/v2/embed/45819/ 3 KB
2 KB 183ms
107ms XHR
application/json 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/45819/pn2pvg6l01pvo49mxel3
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 6cc9c86dffdc7a5561248572b3869aae818e12cac55433c035dcef7c350a126f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:10:56 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-campaign: pn2pvg6l01pvo49mxel3
x-user-agent: standard--
last-modified: Tue, 06 Sep 2022 15:21:57 GMT
server: Pagely Gateway/1.5.1
etag: W/"86da9fe2c683332c7edf1fcdcc17612f"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin: *
x-amz-cf-id: RBpk6DiaB4AuBn3IQI6MIlqn8D8QKbpIFItCA4cGzNY4b57jvmq0Wg==
expires: Thu, 15 Sep 2022 15:08:37 GMT

GET
H2 200 runtime~main.bff8bbce.js Show response
js.driftt.com/core/assets/js/ Frame 3360 6 KB
3 KB 28ms
26ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5cbff04625cdeb18dccddaed89e5f582f300b6fd3c3a9db885ac2610801f94a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 17:55:40 GMT
content-encoding: gzip
age: 76524
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Sep 2022 17:45:30 GMT
server: nginx
etag: W/"ab76a2fbdf0381131a904222e5b79359"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qATcPFK8b8WJ71MLYfaYqEAP3k5MpFlj
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yfdpz0qwpNakQGdXuT41rU4cs3J9r4I35lJqxe4Ywz6nSwvzJeBxzg==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 35 KB
13 KB 34ms
33ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 8449875
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zbpOZneBltCmqMF9DCsAbQu2rz1OHZAOljIij_RFjKFjOXPBTQ6Alw==

GET
H2 200 main~493df0b3.7d8b6029.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 7 KB
3 KB 36ms
34ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.7d8b6029.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ba1b5ba457e3244bfc1b5e32428086b59e9738588b18a6620b9b437b31e48211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:05:25 GMT
content-encoding: gzip
age: 695139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 19:38:21 GMT
server: nginx
etag: W/"d67b9f21a56510a527a7f7537b00473f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zuzu4zkNdNds.rM0TnlttVYiZf0bH2Nn
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hiGn_niw6zb2NM3f9KaE1eP7-2RMRoBwPAJVsxS9gkHZACzweUKOVA==

POST
H2 200 event Show response
apisdk.pathmonk.com/apisdk/v1/javascriptsdk/ 219 B
572 B 208ms
40ms XHR
application/json 52.213.225.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apisdk.pathmonk.com/apisdk/v1/javascriptsdk/event

Requested by

Host: pathmonk-lib.pathmonk.com
URL: https://pathmonk-lib.pathmonk.com/plugin/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.225.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-225-150.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.38 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 /

Resource Hash

1ce6af4af9a86c19004c001d475a379073f7618296b699eecdddc6a533c81b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache/2.4.38 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 runtime~main.bff8bbce.js Show response
js.driftt.com/core/assets/js/ Frame B59D 6 KB
3 KB 33ms
32ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5cbff04625cdeb18dccddaed89e5f582f300b6fd3c3a9db885ac2610801f94a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 17:55:40 GMT
content-encoding: gzip
age: 76524
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Sep 2022 17:45:30 GMT
server: nginx
etag: W/"ab76a2fbdf0381131a904222e5b79359"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qATcPFK8b8WJ71MLYfaYqEAP3k5MpFlj
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SB_7VLIFWgaX7o8E0sGd241EOc84J8UVMXXnEriHL-KaMxFhkX0H-A==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 35 KB
13 KB 40ms
40ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 8449875
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ln4LG87-DhXK9xarD7EBs88XK6YaXQa4kkqoUI_J_N0-i7rsRFuYBQ==

GET
H2 200 main~493df0b3.7d8b6029.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 7 KB
3 KB 42ms
42ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.7d8b6029.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ba1b5ba457e3244bfc1b5e32428086b59e9738588b18a6620b9b437b31e48211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:05:25 GMT
content-encoding: gzip
age: 695139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 19:38:21 GMT
server: nginx
etag: W/"d67b9f21a56510a527a7f7537b00473f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zuzu4zkNdNds.rM0TnlttVYiZf0bH2Nn
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UvolBAmFvHEreTxl7Xx5aD1SMB2isRuGgru8i7Fa9-I9At6f1BX5uw==

GET
H2 200 48.36272856.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 47 KB
14 KB 65ms
63ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/48.36272856.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a77bb1b8bfef4a56cbbb32a3f0db155355f7259e1505797dcce1c128be3a97a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:05:25 GMT
content-encoding: gzip
age: 695139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 19:38:20 GMT
server: nginx
etag: W/"11fc6ce0a6034588f5e23638e2b6c3f2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: k8.uxYl53iC1oeWvq0NE3PJ03yVM0lns
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: L3mIBxUIEKUaG4K2mUdBEXufJtgGL-j-J3Un064xoE4f71rx3u3VOA==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 44 KB
13 KB 87ms
85ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:05 GMT
content-encoding: gzip
age: 6364559
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rhriNS8WygjGEv2GTbSa16tsLJlBsIO5
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cN74kXSHTUhJ3eXk8VjER2Mboy6Jy8QOdLN5vtYDcseaJ1hVNSpGOw==

GET
H2 200 18.40ab7295.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 16 KB
5 KB 88ms
86ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.40ab7295.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

597514d432ff2059b3e477385c44fb38d44c73f5d640eebe645cf3b340bcff56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:05:25 GMT
content-encoding: gzip
age: 695139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 19:38:19 GMT
server: nginx
etag: W/"fafe5f62fc3aec49b7966fa154962db8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3ktfD2K4Jga.M1SWwwN9gtZLMJ_jJceE
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: p2I9s0l35w1L9srkR6QKytYbX73hNWpN1BtCIG8KCh-3aQkqQfBzgg==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 25 KB
8 KB 98ms
96ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 05:13:08 GMT
content-encoding: gzip
age: 4874276
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 16:44:36 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oKmg4FrWOfQibH6GiwTJD5mzxlfV.GJ_
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mTFnw-hXnaYhT3MIqA3aKXmgz4gNIv4xWkLQdWt8-gL_U1wjJ7Hlaw==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 74 KB
23 KB 117ms
115ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:53:35 GMT
content-encoding: gzip
age: 6146249
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DvU1VknvadEMM0li2kjSs2rGEgsC.2zC
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PMSJTm2jY5JN-SkrgZkFTmLSzlvI-DGXq_dFBzNyQn7L9_R0Pk9LEw==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 59 KB
19 KB 139ms
137ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 07:26:46 GMT
content-encoding: gzip
age: 6939858
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eI68DKvvjxiDbX_K1dX4xe2PNV6BS0F2
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OD4K6i7JuC12kgoArNL0fAb3E_TpLPbdSpE-TsMbA4UfvcZsxF2vkw==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 91 KB
28 KB 156ms
154ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 07:26:46 GMT
content-encoding: gzip
age: 6939858
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2rH9Vw5zwyFjPSSMs.YwDeMiE5sBqg4r
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: O1YYD9rS_uX7i3zvyYQ1cj9Jc4-77sRMdEppplY_rWQfOI_LoAkRAA==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 23 KB
7 KB 171ms
169ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:06 GMT
content-encoding: gzip
age: 6364558
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:55 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7WrloWWSc22pVf.7ICrUs7406unnhgom
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Y41AVqhZsZHVrojaViPSISw7jO6tuwoCTzLNKLShTVHaLSLQ0hzS5Q==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 62 KB
20 KB 185ms
184ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 03:22:54 GMT
content-encoding: gzip
age: 4880890
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 16:44:35 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Czs8PHX517U6kDfcy5c9LsKW5uxut099
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s4dtBiJ4NPieKdH7wfxDO4Bimhq1XgfkGcgDn6N8GZ3dUxFVWghTuA==

GET
H2 200 46.c9d569f4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 105 KB
34 KB 202ms
200ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.c9d569f4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

79d8bfb0ff06d8516e46d4457bd951ed893d2deed31ab348227e06c91a5a35cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:05:25 GMT
content-encoding: gzip
age: 695139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 19:38:20 GMT
server: nginx
etag: W/"60ea9f8ff45a51f96f67728ef12e7e79"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: z4GuioFw41AUfQig_beaXDNkINlEfczX
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T2vzQS0rfpGLrQUyGu3-TogLXzLQYPgCr9n4JVxZotrDb54iQCAITw==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 12 KB
12 KB 228ms
227ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 06:16:53 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 1155251
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11808
last-modified: Thu, 01 Sep 2022 13:18:44 GMT
server: nginx
etag: "e5c98ad7a7e70a1957477e33db39149c"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: woU_NMwXT9PlBFgNTXSbQAfLwa5D1lHO
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KpkFnMM9goUDxTMh8l8LeHV5Qyy3LKuRga0Ebbjrmn7vXbR-3896vg==

GET
H2 200 28.190877b8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 13 KB
6 KB 232ms
229ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.190877b8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:05:25 GMT
content-encoding: gzip
age: 695139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 19:38:19 GMT
server: nginx
etag: W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: G0DP4jvUaKtIbfyIxWqyC1CIhSHB9xO6
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xlzT3Rix6TLRyOfDk6F1AhHET4kkd86dsc46O8MaRFwnNswD7YR--g==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 17 KB
7 KB 237ms
235ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 00:55:28 GMT
content-encoding: gzip
age: 4803336
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 16:44:35 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f.0PmvFwFO6wHvpJ0r6JG1gTthOACCRK
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AywFe-6jC3S6t64KwCu3v65TyYKP_8aNeT-9LhBR79qFuIcyP2l-KQ==

GET
H2 200 9.169d3073.chunk.css
js.driftt.com/core/assets/css/ Frame 3360 14 KB
3 KB 240ms
238ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.169d3073.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8aafa41dda6af82cd7b77cf06c811c75134776cb26749a3732896e3a84466ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 18:58:26 GMT
content-encoding: gzip
age: 159158
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 18:39:49 GMT
server: nginx
etag: W/"b35f8e1e1998cfcf5160bc69e61be733"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mWxZm0YdLXuqK5qrrA48_Seg.yADHwPB
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RMaD8Dm3r3BAkrmYSyxhI3Iewe9M4aLiCzG1yWpNWfyBJlsrJOV7BA==

GET
H2 200 9.3561dc99.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 75 KB
23 KB 254ms
252ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.3561dc99.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c0a2b045ae77a754641461e6cd3a5db59b956dae5aa77afe3e972f6472c18087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 19:01:00 GMT
content-encoding: gzip
age: 504604
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 09 Sep 2022 18:29:44 GMT
server: nginx
etag: W/"a0976eae60c848bfd48d8ec6afe639c6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KqWtTIKT9d_HLuCfZPfRP5N_H66V4f5J
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xVBj1cGFbA7XTgyxuujDU88Dq8c--_oSwdMkh0H-neLVx0RGVTzfTA==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 3360 24 B
667 B 259ms
257ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 8449875
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s0m8YKRcT0svWu7hF4MQb_WCyNm1SPou0b5CjVgCNUaF_va37LwALw==

GET
H2 200 17.03ca23a7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 77 KB
20 KB 269ms
267ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.03ca23a7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d131f606d30ed1784f3ed4183977c23e9f299039ca280631f276e60148f685e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 20:29:21 GMT
content-encoding: gzip
age: 240103
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 19:47:41 GMT
server: nginx
etag: W/"b4eaf756d0f717b86b92553c5ee7edff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Id8ak_r0_GOoyleDoAPxax9e7QknR4NV
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mXyZxNvMmfDSA3iWOiwAOVMpOLxjbBj2Z1BtyuzkxPzKCypNMFLkcA==

GET
H2 200 24.db814a5c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 49 KB
13 KB 283ms
281ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.db814a5c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

94f2901eb6f3003e812b3ff5ebdeca3044611aff20f9b4573e298207a93a4e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 19:01:00 GMT
content-encoding: gzip
age: 504604
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 09 Sep 2022 18:29:42 GMT
server: nginx
etag: W/"5462e4d5f5e595befd4b62b4eea8aaf3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9iqQA4uIF8w.tAYeWXtiZw_VSat.Mz0Z
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v77K9OTQ5tRKT6ttYnig22Nc2TBEl70MNvQim3rcgScwzrid57DjyA==

GET
H2 200 15.c66d2d81.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 40 KB
13 KB 288ms
287ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.c66d2d81.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f7bbfcc69139efba60b49cc7eb91d59bbe82081daad57056d5be5763fe8ab508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 17:55:41 GMT
content-encoding: gzip
age: 76523
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Sep 2022 17:45:27 GMT
server: nginx
etag: W/"4739ef923a51e9fc9e73bc192b6c752a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W5UVgRa0KD8n6gI27B_1iLa0F9Ma5gd0
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JfoXjM9F43XSPVapz_vjcQtgko8mKfqtwegux9BWN7ExIVSpg4d_pA==

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/574101/ 148 B
322 B 142ms
44ms XHR
application/json 54.229.45.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/574101/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d00377d3a043900eb4ef.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.45.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-45-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 46354f041f1d15b2ef3ae63228cb7116fa498f180ea9e49e442f1a561aedf7d2

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 48.36272856.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 47 KB
14 KB 262ms
258ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/48.36272856.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a77bb1b8bfef4a56cbbb32a3f0db155355f7259e1505797dcce1c128be3a97a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:05:25 GMT
content-encoding: gzip
age: 695139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 19:38:20 GMT
server: nginx
etag: W/"11fc6ce0a6034588f5e23638e2b6c3f2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: k8.uxYl53iC1oeWvq0NE3PJ03yVM0lns
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rkvCvWtO3uHuxLSmxGK8f-ZnMnxJT69csOeLJRVDwZrk4NAipG9aJQ==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 44 KB
13 KB 269ms
265ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:05 GMT
content-encoding: gzip
age: 6364559
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rhriNS8WygjGEv2GTbSa16tsLJlBsIO5
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vQq-7EUqncKcjmnDqDyLh-TjkLPDT62qzjxjVerf7UaVLze2Nkb0pA==

GET
H2 200 18.40ab7295.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 16 KB
5 KB 274ms
270ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.40ab7295.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

597514d432ff2059b3e477385c44fb38d44c73f5d640eebe645cf3b340bcff56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:05:25 GMT
content-encoding: gzip
age: 695139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 19:38:19 GMT
server: nginx
etag: W/"fafe5f62fc3aec49b7966fa154962db8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3ktfD2K4Jga.M1SWwwN9gtZLMJ_jJceE
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RxjLcVr9dXrOX0QkFCrUYsh8RauvvxZjJe8Qpn8tB2Mf2c2fd4u_zQ==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 25 KB
8 KB 278ms
274ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 05:13:08 GMT
content-encoding: gzip
age: 4874276
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 16:44:36 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oKmg4FrWOfQibH6GiwTJD5mzxlfV.GJ_
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lTA_mPm2d9NJ5i-aFHoZcIyT6YqoYheAT-ImpNetHYpDsRysjx1HLw==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 74 KB
23 KB 289ms
285ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:53:35 GMT
content-encoding: gzip
age: 6146249
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DvU1VknvadEMM0li2kjSs2rGEgsC.2zC
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rnKCWUBSy1el2uwrr2UuzyiOYjLW_9qUPPBJSdFDbOO2CN2gLGy07w==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 59 KB
19 KB 303ms
299ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 07:26:46 GMT
content-encoding: gzip
age: 6939858
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eI68DKvvjxiDbX_K1dX4xe2PNV6BS0F2
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k5NX_d5yUoaLk__adMiMfci_p1UEbzhoBWEXEwOlfnmd0KiJO83mjA==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 91 KB
28 KB 316ms
312ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 07:26:46 GMT
content-encoding: gzip
age: 6939858
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2rH9Vw5zwyFjPSSMs.YwDeMiE5sBqg4r
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T8wOxvweSIUIJICBc8KrU6V7xzYSf7cHyaZGH-S1ldL3nwLW-I94YQ==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 23 KB
7 KB 327ms
323ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 23:15:06 GMT
content-encoding: gzip
age: 6364558
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 20:20:55 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7WrloWWSc22pVf.7ICrUs7406unnhgom
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SCQNM9x6xPSh3_pWiNOkQme6wpHsmfEWV7PcQOppmJfsjrzKBywJfA==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 62 KB
20 KB 334ms
331ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 03:22:54 GMT
content-encoding: gzip
age: 4880890
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 16:44:35 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Czs8PHX517U6kDfcy5c9LsKW5uxut099
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: umkreIu8J_ScDV6W_j4A3hXgXXoXF-cAjr_zGTj1VKtHueLuRX2EuA==

GET
H2 200 46.c9d569f4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 105 KB
34 KB 346ms
343ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.c9d569f4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

79d8bfb0ff06d8516e46d4457bd951ed893d2deed31ab348227e06c91a5a35cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:05:25 GMT
content-encoding: gzip
age: 695139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 19:38:20 GMT
server: nginx
etag: W/"60ea9f8ff45a51f96f67728ef12e7e79"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: z4GuioFw41AUfQig_beaXDNkINlEfczX
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: X-rb_9FAhJb1kmEwgm_K9xHguJ9odIw2Nr0PTcUdMNk90FGnSJc_NA==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 12 KB
12 KB 366ms
363ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 06:16:53 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 1155251
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11808
last-modified: Thu, 01 Sep 2022 13:18:44 GMT
server: nginx
etag: "e5c98ad7a7e70a1957477e33db39149c"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: woU_NMwXT9PlBFgNTXSbQAfLwa5D1lHO
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mzF_9grv-goEVJsaydVnpRBUMavmZ30hasb3n-0b8i2Gc7jT21rO8Q==

GET
H2 200 28.190877b8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 13 KB
6 KB 367ms
364ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.190877b8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:05:25 GMT
content-encoding: gzip
age: 695139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 19:38:19 GMT
server: nginx
etag: W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: G0DP4jvUaKtIbfyIxWqyC1CIhSHB9xO6
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: M9awU81pv7DjZWAYF37Lw_wNf8F3IhfebPb4aUfdXWTj9kVrnfEY_w==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 17 KB
7 KB 372ms
369ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 00:55:28 GMT
content-encoding: gzip
age: 4803336
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 16:44:35 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f.0PmvFwFO6wHvpJ0r6JG1gTthOACCRK
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k77SszqUdnrlaHmhAbnocVauimXK0JkFaQTebU7LxQ36aKDEmNCuMg==

GET
H2 200 9.169d3073.chunk.css
js.driftt.com/core/assets/css/ Frame B59D 14 KB
3 KB 304ms
302ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.169d3073.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8aafa41dda6af82cd7b77cf06c811c75134776cb26749a3732896e3a84466ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 18:58:26 GMT
content-encoding: gzip
age: 159158
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 18:39:49 GMT
server: nginx
etag: W/"b35f8e1e1998cfcf5160bc69e61be733"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mWxZm0YdLXuqK5qrrA48_Seg.yADHwPB
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SEICJ2rfU22ZSnQir6xVlRmxIg_Mm9uWs_kpoMOAN8j6WYXpdje4tw==

GET
H2 200 9.3561dc99.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 75 KB
23 KB 382ms
380ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.3561dc99.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c0a2b045ae77a754641461e6cd3a5db59b956dae5aa77afe3e972f6472c18087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 19:01:00 GMT
content-encoding: gzip
age: 504604
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 09 Sep 2022 18:29:44 GMT
server: nginx
etag: W/"a0976eae60c848bfd48d8ec6afe639c6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KqWtTIKT9d_HLuCfZPfRP5N_H66V4f5J
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IkEbW2Nct2wDNLEHUPDAmeFxKD0msSG4y9tFw83VyqxoRIycLLZiKg==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame B59D 24 B
668 B 304ms
302ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 8449875
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5TilaVmRzMauMD7Pow7fbK_Z-PzJDBQMMp-9z7nrZTFyNEZWVMk6Ig==

GET
H2 200 17.03ca23a7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 77 KB
20 KB 400ms
398ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.03ca23a7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d131f606d30ed1784f3ed4183977c23e9f299039ca280631f276e60148f685e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 20:29:21 GMT
content-encoding: gzip
age: 240103
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 19:47:41 GMT
server: nginx
etag: W/"b4eaf756d0f717b86b92553c5ee7edff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Id8ak_r0_GOoyleDoAPxax9e7QknR4NV
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QW1Es8D3aHQWBfytVzmHz4CkMueFyhdHjkzS4OCPOyz2UhpenvEguw==

GET
H2 200 24.db814a5c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 49 KB
13 KB 407ms
405ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.db814a5c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

94f2901eb6f3003e812b3ff5ebdeca3044611aff20f9b4573e298207a93a4e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 19:01:00 GMT
content-encoding: gzip
age: 504604
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 09 Sep 2022 18:29:42 GMT
server: nginx
etag: W/"5462e4d5f5e595befd4b62b4eea8aaf3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9iqQA4uIF8w.tAYeWXtiZw_VSat.Mz0Z
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XfR9Jim2BWx1RzXH9Dpb2ON3EwBNgNaCihMT9fgnRad1cNHor56CMQ==

GET
H2 200 15.c66d2d81.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 40 KB
13 KB 415ms
413ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.c66d2d81.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f7bbfcc69139efba60b49cc7eb91d59bbe82081daad57056d5be5763fe8ab508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 17:55:41 GMT
content-encoding: gzip
age: 76523
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Sep 2022 17:45:27 GMT
server: nginx
etag: W/"4739ef923a51e9fc9e73bc192b6c752a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W5UVgRa0KD8n6gI27B_1iLa0F9Ma5gd0
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ndoeS2PgHze4sDj29BbZoqrAItYYAFXwUyeb8gUuWl-4IQm1_MssPw==

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
444 B 120ms
120ms XHR
text/plain 54.226.8.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=rudbwtV5Hy_XalBAJdV4nQ&is_js=true&landing_url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&t=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&tip=PwZcrva8VrsWslQTfE0yzSzEtzdkHUNNWHI1kFP8H8o&host=https://capitolcanary.com&sa_conv_data_css_value=%20%220-21200460-a99d-4271-7772-b99e991fbf9a%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9132e585a385a47ae7abe986981a8e929d9409720&sa-user-id-v2=s%253A0-21200460-a99d-4271-7772-b99e991fbf9a%2524ip%2524217.64.151.32.dkC1Nc69n4KkLkI7QilzxbUYJ778zNCP7fVnPA8RzAA&sa-user-id=s%253A0-21200460-a99d-4271-7772-b99e991fbf9a.kXdpjAXoT1MNp1oMgkOBCt8xBFExcH0xcwnGm4BeIGI
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.226.8.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-8-81.compute-1.amazonaws.com
Software: /
Resource Hash: 250a093f7e99e4da00e86ea8ab8301c6dd652d8a47c519e3d8f37644807ff549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 15:11:04 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://capitolcanary.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 138

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 410 KB
55 KB 18ms
18ms Script
application/javascript 2600:9000:225e:1c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-Amz-Version-Id: 44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding: gzip
Etag: W/"0a7d0ea8d7d31b07e925fe340acf431b"
Age: 122
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Last-Modified: Wed, 04 May 2022 19:41:48 GMT
Server: AmazonS3
Date: Thu, 15 Sep 2022 15:10:28 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: xbqt0QqJTmfm8uSOR-pkAJfE36Rwbps-DfS1wkafj7XUrVb7jRFsPg==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 18ms
18ms Image
image/png 2600:9000:225e:1c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Age: 75453
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Date: Thu, 15 Sep 2022 01:37:19 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 51z6MTrb3xNNMIuKuK3mio86jn2Msz0EunnBh6eyTd-vG1mvuGP4qA==

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
7 KB 27ms
26ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 09/01/2022 19:08:31
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Fri, 05 Aug 2022 15:30:54 GMT
cdn-proxyver: 1.02
cdn-fileserver: 419
etag: W/"62ed37ae-40cb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 25143fa23d737c66711f45875b63383b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 7.02d20d69.min.js Show response
a.omappapi.com/app/js/ 25 KB
8 KB 33ms
29ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/7.02d20d69.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 2da2d73c0aacc99bd013e8dfb77193d7390c41d640f8a140c9d3ae33abdfe748

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 09/12/2022 17:13:44
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id: XDTYKGYY5G6VATG2
x-amz-id-2: TPr2i2i7cOMgCMxCe21q9REygObe08jCd1EICD79rz0BSlN1yLC+G5D0qJgMRzs+bMQIClHSI0E=
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 17:13:35 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"606153d39a057c471d6c52ac72a31f4b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: d21a5fffc000519f9c03734509755dbc
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.774caff7.min.js Show response
a.omappapi.com/app/js/ 7 KB
3 KB 35ms
31ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/0.774caff7.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 783f1ec750040fa3f6639c6e97895ebee354f60199a3879b02f2a0764d2a9935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 09/12/2022 17:13:44
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id: XDTNXGHJYZ136RVP
x-amz-id-2: lhQfK16Ko9v5VTDb1tkSZ7DK6PUlP2jRJpKR2nQT8QGV3Va0sRH+H1O6RaNM4mWcNAT/WFUff9o=
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 17:13:35 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"274ab26ef4219b158cc0b6a1393a3626"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: 2a851710b22b7ad0254d61c5aaf11401
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 6.4fe172e6.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 36ms
32ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/6.4fe172e6.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: dbdaa18955ec9d111f51bc2c7699ef739cd7723971b733ae64c50d2e6a469046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 09/12/2022 17:13:44
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id: XDTM48ABB859V4EB
x-amz-id-2: 4iie2WsvGgU+9XH7ScjQ2i4KVz94T3suoNzRgdWZtai1oNIDXoMsrhSkZr7oUUDR9CtEzsGqtV0=
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 17:13:35 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"722dd79b5da2f326c8af6b9c9a855b68"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: a64c8f5b7690541448e94e1236fd03fb
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 8.d7430580.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 38ms
34ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/8.d7430580.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: ef852f8a2529e275693793732660a37ace40b898ff3c64c71f1418fdcaad7794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 09/12/2022 17:13:44
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id: XDTHJD4HSHFREF80
x-amz-id-2: bum+o1btWbYmY5sxgfzW/9xKF+4q8A3L8hg39xeORQ5Al2kGGJD2bSndaIm6RQ9pNKBkUDOzP7M=
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 17:13:35 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7cd488334a00925fd9b1e56438a0dddb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: 8ecb238aeed1dcbc08c6dfc073e53705
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 15.0fad9cb4.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 36ms
33ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/15.0fad9cb4.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 16cbc91df42006a0820c04d72165e0b5821f0c48124f0fba71d68a51f7aab12a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 09/12/2022 17:13:44
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id: XDTV4JBBFS74KGTB
x-amz-id-2: aNgI6K06h2HqcMstul7AZrvjVkNavCno2o9bZ5clWMpvxCyqggscdZuY929RM0vL+eh+8gXMPTw=
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 17:13:35 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"442e8c052d6b91bf1edd4a9825fae2dd"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: e907cd0b9b6f89ed51c26abd8124a635
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 14.69f06628.min.js Show response
a.omappapi.com/app/js/ 1 KB
1 KB 40ms
38ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/14.69f06628.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: d389dfb1f8a8165c3165310fbf7e097d9ecf49ae4dc09c7cfa175352af5cbb01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 09/12/2022 17:13:44
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id: XDTYBNJJ3C0V8F0N
x-amz-id-2: FWzYDTqJkiKdbhkOh90f3V3aiMeheTZoabrjRbn4Ift4K91GjSU0L+MOdyhHaSKLnjcKegp0vzM=
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 17:13:35 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"8331ee8beff7a57371a628f77d361567"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: 1404d5323a272b4f476933744ed03fef
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.b59ce5ab.min.js Show response
a.omappapi.com/app/js/ 853 B
1 KB 39ms
37ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/10.b59ce5ab.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 936f37306809457213940ba4f079763d702b10fbdfebefc36797b4f2f397e27a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 09/12/2022 17:13:44
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id: XDTMJ3EADXGKZWKB
x-amz-id-2: Tadb0sI2ikufMcIxL5R3JJeIcP+afJ8pyyvnHgkbZ3ZWCEXIcHCKYQa4Q72RnSGwTgdi2qIYdik=
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 17:13:35 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"e8d31755b43321dbc972dfed84340c98"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: 106d2a581075b31a6156cfc5ed8f94cc
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.bef0c81d.min.js Show response
a.omappapi.com/app/js/ 11 KB
4 KB 38ms
36ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/1.bef0c81d.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: e78b6aff6ca28b3e3b52739202ea334490d5c3eb7ffbb1bf35c1463309fb8ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: HIT
cdn-storageserver: DE-200
cdn-cachedat: 09/01/2022 19:08:31
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 17:35:08 GMT
cdn-proxyver: 1.02
cdn-fileserver: 433
etag: W/"630e4a4c-2b5f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 11b37df6673b074d95727468a44a14dc
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 moment.min.js Show response
a.omappapi.com/app/js/moment.js/2.29.4/ 57 KB
21 KB 26ms
26ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/moment.js/2.29.4/moment.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 3abec75692735d0664a10337b1403620f8edf2b4cb4b9fc5216dea2e623b1f34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:04 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 09/01/2022 19:08:36
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Fri, 05 Aug 2022 15:40:31 GMT
cdn-proxyver: 1.02
cdn-fileserver: 418
etag: W/"62ed39ef-e2d0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 27dd0fca9f8408b73384012be0e9cb1e
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 css
fonts.googleapis.com/ 5 KB
667 B 57ms
25ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600

Requested by

Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0690262903337c5392e015553dd03594040f0c86bfe53f1a3200f619d9e6d499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 14:56:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 15:11:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 15:11:05 GMT

GET
H2 200 font-awesome.css
a.omappapi.com/app/js/font-awesome/4.7.0/css/ 37 KB
8 KB 29ms
28ms Stylesheet
text/css 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/font-awesome/4.7.0/css/font-awesome.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:05 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 09/01/2022 19:08:33
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Fri, 05 Aug 2022 15:30:53 GMT
cdn-proxyver: 1.02
cdn-fileserver: 419
etag: W/"62ed37ad-9226"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 892dd515f73dbcac72458c141f3d90a4
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9be5ea61dfd01662475610-Copy-of-Expedia-webinar-1.png
a.omappapi.com/users/5c366117de21/images/ 81 KB
81 KB 33ms
33ms Image
image/webp 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.omappapi.com/users/5c366117de21/images/9be5ea61dfd01662475610-Copy-of-Expedia-webinar-1.png
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: ebbd64fa7d5f7e973f6553c0daa7b95e81e46f1a0a203d315ac1f4dd1e3f10e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:05 GMT
cdn-edgestorageid: 731
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 09/09/2022 10:53:38
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 82596
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 15:20:54 GMT
cdn-proxyver: 1.02
cdn-fileserver: 370
etag: "63176556-142a4"
content-type: image/webp
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestpullcode: 200
cdn-requestid: f3c5ddbf198930e564f223f1cfeaa6b0
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 34.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 3360 3 KB
1 KB 105ms
104ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 20:51:02 GMT
content-encoding: gzip
age: 1016403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 01 Sep 2022 13:18:42 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rxRgEAXAQ8YU3stqfNk8baaCfNLByKA1
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: me8ku4oqrZTqMYs4Zxr-P0EZIlKxl7uvZUdu5kZxCdGxm5a_Qa6vDA==

GET
H2 200 34.07340d2f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 3 KB
2 KB 105ms
105ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.07340d2f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 01:27:09 GMT
content-encoding: gzip
age: 2900636
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 17:25:57 GMT
server: nginx
etag: W/"f732dfb3db72f996e1f4bc0225629a20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xQrLWCxWByxoQmcVGKKzrywUOLJBavEW
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3QhKKzPwEVGOvQ_NZnOre695FJ9Ua6BIE-JP-7Y43d3d8XL8Gr30EQ==

GET
H2 200 moment-timezone-with-data-2012-2022.min.js Show response
a.omappapi.com/app/js/moment-timezone/0.5.34/ 41 KB
13 KB 27ms
27ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/moment-timezone/0.5.34/moment-timezone-with-data-2012-2022.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 7ed17775731ec99f940c02d17c8944d31c3e2f6d2884369af025e47285468720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:05 GMT
content-encoding: br
cdn-edgestorageid: 731
perma-cache: HIT
cdn-storageserver: DE-200
cdn-cachedat: 09/01/2022 19:08:36
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Fri, 05 Aug 2022 15:40:31 GMT
cdn-proxyver: 1.02
cdn-fileserver: 419
etag: W/"62ed39ef-a5f4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 5256f6901b090956d1584487d168ef91
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 48ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 246031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:50:34 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2EAA 0
18 B 37ms
18ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://capitolcanary.com
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://capitolcanary.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 15:11:05 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 141ms
40ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=258f71bf-a18a-4aa1-8bbb-686b534a4d71|53980f0b-5917-41ed-8f95-8b98bbfa25f8
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 t.gif
wec-assets.terminus.services/258f71bf-a18a-4aa1-8bbb-686b534a4d71/ 43 B
295 B 391ms
390ms Image
image/gif 18.66.122.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wec-assets.terminus.services/258f71bf-a18a-4aa1-8bbb-686b534a4d71/t.gif?d=53980f0b-5917-41ed-8f95-8b98bbfa25f8&s=01d2306f-fc3b-4757-ae60-ec3da087960b&p=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&cb=1663254665232&t=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&r=http%3A%2F%2Fabout2.capitolcanary.com%2F&e=page_viewed&u=978235f3-ebf1-4fd1-9512-3a99499a1c2d-1663254665232

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-59.fra60.r.cloudfront.net

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:05 GMT
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: 6uTDnmxVmJB-mKfybxAeOP7u1YuDzivYiB9eI_hjaM8a2cReQtDX6w==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 9 KB
3 KB 17ms
16ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 23:25:32 GMT
content-encoding: gzip
age: 7314333
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FXhpBdntUhclEQbRyN38j73SJPN5DG6s
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TECUg7d86WX7vnRDMMsPI2YHCl6Gxq76iD0_iFSPx-XhWg-2BYslgg==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 3360 7 KB
2 KB 18ms
16ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 06:10:58 GMT
content-encoding: gzip
age: 2883607
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 17:25:54 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jy.yesoRNpKDO6ux_nVwRbhHCWZjl1WB
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xulDUxOE8GRvFIkG5W0RJMrl_ubPzHlUgogRM4T4AvixM_AyMVZ4lQ==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 54 KB
15 KB 30ms
29ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:05:26 GMT
content-encoding: gzip
age: 695139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 19:38:20 GMT
server: nginx
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _kry5Vt7qkbP1XHkOczJttIwv4KZoljE
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6-bfF3gPoKNvhjmszUUKcIMVxBzsDb3rTN7yn-U2qnKe-F7bXZj1vw==

GET
H2 200 1.a51daee8.chunk.css
js.driftt.com/core/assets/css/ Frame 3360 43 KB
7 KB 20ms
19ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.a51daee8.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

79b11c988e0926dcb77087f3c39a3c72f7226421b7992fa1aecbf89634906a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:05:26 GMT
content-encoding: gzip
age: 695139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 19:38:17 GMT
server: nginx
etag: W/"2f8b87e824e4cc9983e43d6c7156ae79"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9uAzsWd8.cMIOLpQvGupWPxd1QsEBbuH
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: R5DPxIJL16imWO1CxgPsYFrHeS9EcZ237RpGuewC6zt3UcdOntVEYw==

GET
H2 200 1.be78b7d8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 73 KB
25 KB 38ms
37ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.be78b7d8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4d6c1d607c4973c8583c81948b2678a9c6a2d51e1ff612583af289b1cc468627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 19:01:01 GMT
content-encoding: gzip
age: 504604
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 09 Sep 2022 18:29:41 GMT
server: nginx
etag: W/"b5e6b0b8bc4b8b825b43c3feff8cc7d4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: yieQm5J.oTAdbS5clSGzVNsxWRgweD7W
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5I7MEsrUKOMkxtIe4qG3HdRkmjXv6I8wYqHk0b0Hcp8HACWIYZhlzw==

GET
H2 200 32.a39c83a8.chunk.css
js.driftt.com/core/assets/css/ Frame 3360 14 KB
3 KB 21ms
20ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.a39c83a8.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8c83e8a58f1d0c88d1574a24d528a31d7804cdd0741235010bf4ce5ffd30b878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 20:29:22 GMT
content-encoding: gzip
age: 240103
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 19:47:39 GMT
server: nginx
etag: W/"a5e166130ff052851935f17711177b8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nfqP47c2jMCd2NEGU7bVKOzPpQCtTzGt
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: knsxmglbB4i-qj9y0kkpx2M6zja6cFWhS-mp6qEAxVTmakMDSHpepw==

GET
H2 200 32.a2b7c4c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3360 12 KB
5 KB 44ms
44ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.a2b7c4c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

08180fe4782eb8a2703e219199e24d517b5a53544a9927aa56d65abe51d7b131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663254663422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 20:29:22 GMT
content-encoding: gzip
age: 240103
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 19:47:42 GMT
server: nginx
etag: W/"0556ad2949a758efdcc1debd3a59f9cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ln5ozkuB2mNjHhStLQNaJEjscV1h_gia
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: agEbGYpWStoN9M1mzVIh2XN9Hw5BxqQ3VcLPiUgCLegjZudH9WjlxQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 9 KB
3 KB 30ms
27ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 23:25:32 GMT
content-encoding: gzip
age: 7314333
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FXhpBdntUhclEQbRyN38j73SJPN5DG6s
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ofe316v_BWQgryGMpAlU8lbVpB5kJvvpYNNjGybv_jL77PuJiMMI7A==

GET
H2 200 26.2d4cdbd1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 34 KB
10 KB 37ms
33ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.2d4cdbd1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

71e905aff9bad1d3b5a783336fcdd013cc97beb8985e4cd2cf7d195925a48211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 18:23:27 GMT
content-encoding: gzip
age: 1284458
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 31 Aug 2022 18:10:09 GMT
server: nginx
etag: W/"c55d27c90bd5affbf7c7047151ac3b6a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: siv4sYmLp3BEOV5kWKjSS9V7tHMZAkGl
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -APOin17R3afo2uZZcPLwK9zEbFMiPzBJcF-kVJAL31_zlAq_3dFPA==

GET
H2 200 27.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame B59D 8 KB
2 KB 31ms
28ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.9bf46b67.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 01:42:04 GMT
content-encoding: gzip
age: 1430941
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 21:13:13 GMT
server: nginx
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: o6Mn8iWshgmcy2o5f_hocRiRC01jfiMI
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DCWTaJYzqTWsyTTkvQd92_jNaMdPQCyfqWhrp0LYjXLjM6MYLpDX5Q==

GET
H2 200 27.4c547f3a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 13 KB
6 KB 39ms
35ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.4c547f3a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9f90c841a0a04481810afcd958b481b97c0a49af9bf4f1718d6ba9e979144f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 19:01:01 GMT
content-encoding: gzip
age: 504604
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 09 Sep 2022 18:29:42 GMT
server: nginx
etag: W/"38b04fea4ae70e051b3b8839ca826d50"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zhphwxACbQK1VqTuGHSBo90CI4Yu3wXl
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fSZ5KFmi2z_p8O-4fLCOUY2fQflYbotNvo1Y09Q0ewMUEgSPF2R4CA==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame B59D 365 B
1009 B 39ms
36ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 04:38:21 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 1765964
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Thu, 25 Aug 2022 21:13:13 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0qTUVNxeDehZuMQX6dMenM0wOhIgB9z3
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U9DmqK3auUHdDHPI-VkTQA6brwCnat2YXlW0h-LJJu5IwoTqgOauHw==

GET
H2 200 19.a49def96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B59D 88 KB
24 KB 43ms
42ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.a49def96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.bff8bbce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c88dc87682c30bebeb344ddd6d38d41bf200bc251eb9f3c93d1d197cd1fb343d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=eee2980e-cc2f-4d0f-85a2-d9cd579fca7d&sessionStarted=1663254664.56&campaignRefreshToken=5a02e679-bf63-424f-a8dc-a06f5f05e63b&hideController=false&pageLoadStartTime=1663254663422&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 19:01:01 GMT
content-encoding: gzip
age: 504604
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 09 Sep 2022 18:29:42 GMT
server: nginx
etag: W/"3955b72aaf87a56cfd9096153a2e2a2c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2gGXXw7KaW7ZhFETTILuMVlyqfO.QAYn
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: crlp61g4vKQdA2xmw4FyjTcDAehWEq_10bRu9QzOn8z7Un6itBpTig==

GET
H2 200 XDFrame Show response
app-sj20.marketo.com/index.php/form/ Frame C59C 2 KB
892 B 779ms
779ms Document
text/html 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/index.php/form/XDFrame

Requested by

Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c89a8bee77d21587af1a9e0dcd26a779b62436084eaf136c354ff1bf39f2c280

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 74b24afadcb96933-FRA
content-encoding: gzip
content-length: 651
content-type: text/html; charset=utf-8
date: Thu, 15 Sep 2022 15:11:06 GMT
server: cloudflare
strict-transport-security: max-age=63113904
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame B59D 25 B
123 B 128ms
128ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/48.36272856.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Sep 2022 15:11:05 GMT
server: istio-envoy
requestid: 2b1e8d851fe9b511
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 394ms
112ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 15 Sep 2022 15:11:05 GMT
requestid: drift2102a1b43b19978dcdc1ba04c40
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame B59D 147 B
245 B 113ms
112ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/48.36272856.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

8c4c71b0169b02ae8c5a0ba34b1acccfe2c52589f2ab3457edce9db2c7b53f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Sep 2022 15:11:05 GMT
server: istio-envoy
requestid: 62bc7d9f4bb8c64a
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 391ms
111ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 15 Sep 2022 15:11:05 GMT
requestid: drift3f5494b4b108e4ba85511da74ea
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H2 200 forms2.min.js Show response
app-sj20.marketo.com/js/forms2/js/ Frame C59C 208 KB
69 KB 52ms
52ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/index.php/form/XDFrame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app-sj20.marketo.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 15:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2022 04:25:19 GMT
server: cloudflare
age: 3840
etag: "1121612-33e56-5e7316b14b766"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 74b24affdd126933-FRA
expires: Thu, 15 Sep 2022 19:11:06 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame E806 0
181 B 98ms
92ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=owmpeom&ref=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&upid=21br8ux&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Thu, 15 Sep 2022 15:11:06 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2111324169&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&ul=en-us&de=UTF-8&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25&el=%2Ffake-page&_u=aADAAEABAAAAAC~&jid=&gjid=&cid=1320559828.1663254664&tid=UA-33465110-1&_gid=460910986.1663254664&gtm=2wg9e0TS9B9K9&z=723526483

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 21:27:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63800
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2111324169&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&ul=en-us&de=UTF-8&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=50&el=%2Ffake-page&_u=aADAAEABAAAAAC~&jid=&gjid=&cid=1320559828.1663254664&tid=UA-33465110-1&_gid=460910986.1663254664&gtm=2wg9e0TS9B9K9&z=1656270409

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Sep 2022 21:27:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63800
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame B59D 25 B
86 B 135ms
134ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/48.36272856.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Sep 2022 15:11:08 GMT
server: istio-envoy
requestid: 9e2d9d52d85bca
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 23
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 110ms
108ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 15 Sep 2022 15:11:08 GMT
requestid: driftc9315c24dc8827e01ef72904209
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 27ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-80CPFVSEDB&gtm=2oe9e0&_p=2111324169&gdid=dZTNiMT&cid=1320559828.1663254664&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1663254664&sct=1&seg=0&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80CPFVSEDB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGG4FCXrPQdu3uDMe2BU0tYkHgu-qeAp8rdiRt-T3e4ZMv0dRSUWizSlyTJCOAADORHUr1dMDz8s6Ip1-6Fb6qJBEDMa113P8sAJbibdlCzLw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 15:11:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame B59D 0
0

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 110ms
110ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 15 Sep 2022 15:11:11 GMT
requestid: drift169b4df4d9d8ee9b10209e85e7e
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: metrics.api.drift.com
URL: https://metrics.api.drift.com/monitoring/metrics/add/bulk

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capitolcanary.com/	1970-01-20 15:36:54	Name: _mkto_trk Value: id:486-VKI-494&token:_mch-capitolcanary.com-1663254664052-11440
.capitolcanary.com/	1970-01-20 15:36:54	Name: _ga_MR1REW8MSK Value: GS1.1.1663254664.1.0.1663254664.60.0.0
.capitolcanary.com/	1970-01-20 08:10:30	Name: _gcl_au Value: 1.1.837302632.1663254664
.ws.zoominfo.com/	1970-01-20 14:46:30	Name: visitorId Value: 82a4e4d86f70d6300bbd0f742a326526a5ed6b2cc1e3c3a7fa07fa9905bfc77a
.zoominfo.com/	1970-01-20 06:00:56	Name: __cf_bm Value: 3kBSzbMuGuKwEqsZ.R9nh4mzEVk0D0BZFEvUaJU4v.c-1663254664-0-AbfV8i0SnCFtHqat5sjxcquosXJb9Oi2Pyt5jJs0uh85/BOpiuTUeLtjDJTgOCIWFuFCmT+AlQRXA4WyZUKYi48=
.capitolcanary.com/	1970-01-20 15:36:54	Name: _ga_80CPFVSEDB Value: GS1.1.1663254664.1.0.1663254664.60.0.0
.app-sj20.marketo.com/	1970-01-20 06:00:56	Name: __cf_bm Value: LuIgyhRANESiO0uwvkTjWnaCcQ9X.VuUUzvQxKkgiM0-1663254664-0-AVfsfpPjUvFXHa6OCZLYQg8zi358YF1C2MRYYQFKPReUCxyix9Qnemi0zTrvgLBUcIbgUtcuafQkxmSRv7TUzSI=
.capitolcanary.com/	1970-01-20 15:36:54	Name: _ga Value: GA1.2.1320559828.1663254664
.capitolcanary.com/	1970-01-20 06:02:21	Name: _gid Value: GA1.2.460910986.1663254664
.capitolcanary.com/	1970-01-20 06:00:54	Name: _gat_UA-33465110-1 Value: 1
tags.srv.stackadapt.com/	1970-01-20 14:46:30	Name: sa-user-id Value: s%3A0-21200460-a99d-4271-7772-b99e991fbf9a.kXdpjAXoT1MNp1oMgkOBCt8xBFExcH0xcwnGm4BeIGI
.srv.stackadapt.com/	1970-01-20 14:46:30	Name: sa-user-id-v2 Value: s%3AISAEYKmdQnF3crmemR-_mtlAlyA.yQXpcOX13FGDKGKY5Qr1ajeeh6fnOh7DFkI30fwYpRg
capitolcanary.com/	1970-01-20 14:46:30	Name: sa-user-id Value: s%253A0-21200460-a99d-4271-7772-b99e991fbf9a.kXdpjAXoT1MNp1oMgkOBCt8xBFExcH0xcwnGm4BeIGI
capitolcanary.com/	1970-01-20 14:46:30	Name: sa-user-id-v2 Value: s%253A0-21200460-a99d-4271-7772-b99e991fbf9a%2524ip%2524217.64.151.32.dkC1Nc69n4KkLkI7QilzxbUYJ778zNCP7fVnPA8RzAA
.doubleclick.net/	1970-01-20 06:00:55	Name: test_cookie Value: CheckForPermission
tracking.g2crowd.com/	1970-01-20 06:21:04	Name: _session_id Value: 81b16b08f797ec5fea7c337b8b727f5a
.g2crowd.com/	1970-01-20 06:00:56	Name: __cf_bm Value: ZfdUGpUsbcyJD.le0ou5wf_lWmN2fKE06XpyhCJxsfE-1663254664-0-Ac9lrwSfhesCb1lP6gr40KWBtDJ2IQsXEAurzp6W+IFfrMySzWC5Tbr4HtLn9Uap5Dpmw9+G2sUK8xYUr8255wI=
.linkedin.com/	1970-01-20 06:44:06	Name: UserMatchHistory Value: AQJcR3Fm89o78gAAAYNBtBUMzveT3wQND_EpzbclMvb4neccXjwS5wCMQwrmROA9P0sRtZ60135XbA
.linkedin.com/	1970-01-20 06:44:06	Name: AnalyticsSyncHistory Value: AQIvjt4ILEpaQAAAAYNBtBUMqRNYgtVnsEIzzBpBrLE6v3xhl-IvfYyKg5TyroaFnBJuxDZyJbtIiJP8lt6yHA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:46:30	Name: bcookie Value: "v=2&4198f18e-0196-4513-8713-d84d48f80f82"
.linkedin.com/	1970-01-20 06:02:21	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2722:u=1:x=1:i=1663254664:t=1663341064:v=2:sig=AQEuuNqAiERqo_Jw5BvA0piAcHt-xBwg"
capitolcanary.com/	1970-01-20 06:00:56	Name: drift_campaign_refresh Value: 5a02e679-bf63-424f-a8dc-a06f5f05e63b
.capitolcanary.com/	1970-01-20 08:10:30	Name: _fbp Value: fb.1.1663254664584.666456808
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:46:30	Name: bscookie Value: "v=1&2022091515110422ad5cb2-8a8d-4bfe-88bb-84908cd3d98aAQEZG5kC9rXcY4ujaqrsVtbemhUF9OVC"
.linkedin.com/	1970-01-20 10:20:06	Name: li_gc Value: MTswOzE2NjMyNTQ2NjQ7MjswMjEakLT8l+fGms5Vr4RJiFQU4iMaAF5jMUA46bNIV4ko8Q==
.facebook.com/	1970-01-20 08:10:30	Name: fr Value: 0ya722GERn43IvbwG..BjI0CI...1.0.BjI0CI.
capitolcanary.com/	1970-01-20 15:36:54	Name: _omappvp Value: gNr3A61qEhFdbLIb93i0U601q38bqKdMy4ewY1rivNUvWvTMYG3vYEk2sGhC45fLPaC8qDjCvI6f36KOvdV52w6ttBzTd6RI
capitolcanary.com/	1970-01-20 06:00:55	Name: _omappvs Value: 1663254664683
.capitolcanary.com/	1970-01-20 14:46:30	Name: _hjSessionUser_574101 Value: eyJpZCI6ImNlYjFkNjcxLTQ3YjEtNWFlOS05YzY1LTIzNDVjMmZlZDliNSIsImNyZWF0ZWQiOjE2NjMyNTQ2NjQxNDgsImV4aXN0aW5nIjpmYWxzZX0=
.capitolcanary.com/	1970-01-20 06:00:56	Name: _hjFirstSeen Value: 1
capitolcanary.com/	1970-01-20 06:00:54	Name: _hjIncludedInSessionSample Value: 0
.capitolcanary.com/	1970-01-20 06:00:56	Name: _hjSession_574101 Value: eyJpZCI6ImZlNjliMTYzLTZlMGMtNDZkZC1iYTViLWQ4NWZhZTNjMDQ1ZCIsImNyZWF0ZWQiOjE2NjMyNTQ2NjQ3NTYsImluU2FtcGxlIjpmYWxzZX0=
capitolcanary.com/	1970-01-20 06:00:54	Name: _hjIncludedInPageviewSample Value: 1
.capitolcanary.com/	1970-01-20 06:00:56	Name: _hjAbsoluteSessionInProgress Value: 0
capitolcanary.com/	1970-01-20 14:46:30	Name: d-a8e6 Value: 53980f0b-5917-41ed-8f95-8b98bbfa25f8
capitolcanary.com/	1970-01-20 06:00:55	Name: s-9da4 Value: 01d2306f-fc3b-4757-ae60-ec3da087960b

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGG4FCXrOJz3OmWpURrVPNPXzPC_XViAV-lJ_1KMqrGIHXLkNQixr464xJEfIRc5O2seL1E2SE= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGG4FCXrOJz3OmWpURrVPNPXzPC_XViAV-lJ_1KMqrGIHXLkNQixr464xJEfIRc5O2seL1E2SE= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network	error	URL: https://id.rlcdn.com/711861.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-PtCHTIc7Hxvyl2Y3NVbSC6COlVQt3l/M4cUDnUa4/v8=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

486-vki-494.mktoresp.com
a.omappapi.com
about2.capitolcanary.com
aorta.clickagy.com
api.omappapi.com
apisdk.pathmonk.com
app-sj20.marketo.com
bootstrap.api.drift.com
capitolcanary.com
connect.facebook.net
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grow.clearbitjs.com
hemsync.clickagy.com
id.rlcdn.com
in.hotjar.com
insight.adsrvr.org
js.adsrvr.org
js.driftt.com
match.adsrvr.org
metrics.api.drift.com
munchkin.marketo.net
pathmonk-lib.pathmonk.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.adroll.com
script.hotjar.com
snap.licdn.com
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
tags.clickagy.com
tags.srv.stackadapt.com
tracking.g2crowd.com
vars.hotjar.com
wec-assets.terminus.services
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
metrics.api.drift.com
104.16.93.80
104.96.159.57
13.107.42.14
13.227.73.29
13.32.121.36
141.193.213.11
142.250.186.130
18.235.90.40
18.66.112.118
18.66.112.92
18.66.122.59
18.66.147.116
185.180.12.68
192.28.147.68
2001:4860:4802:32::36
216.24.57.253
23.205.237.4
2600:9000:2240:7000:5:b2d2:2280:93a1
2600:9000:225e:1c00:6:9280:1080:93a1
2606:4700:4400::6812:2437
2606:4700::6810:a852
2606:4700::6812:1fcd
2620:1ec:21::14
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c0c::9a
2a02:26f0:11a::6867:4868
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.220.203.163
35.244.174.68
52.184.251.130
52.213.225.150
52.222.236.43
52.223.40.198
54.147.21.139
54.194.161.205
54.226.8.81
54.229.45.147
021000be46df0cff2921adb4981e2f9fc60636d9d36e663e1dc9fe900d8bf1dc
0690262903337c5392e015553dd03594040f0c86bfe53f1a3200f619d9e6d499
08180fe4782eb8a2703e219199e24d517b5a53544a9927aa56d65abe51d7b131
0aa5201729bac890535667e48073ab88a75040b0858a54292ec020832e4aee24
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8acc0c1a541b4572172f8c39ff60f586962fa6bb9f1edd840d1d77da1d3818
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1451ebda73e1fccd65503e67cc03f0ed6cccce3a1602f14b4fd11cf480145b4f
16cbc91df42006a0820c04d72165e0b5821f0c48124f0fba71d68a51f7aab12a
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1ce6af4af9a86c19004c001d475a379073f7618296b699eecdddc6a533c81b2d
1d2815b39a4a2e55fe5ddf10e788f5dc595b9146c50ad7ffba59076a1c42fe6e
22d169a779bcd36a7756ae01d40f9e0436ce65d6831068f496dd7ce574425dc1
250a093f7e99e4da00e86ea8ab8301c6dd652d8a47c519e3d8f37644807ff549
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
297b11b73f279cda0fd0e85dff57794632a55303e6a08fa2b8b4fd03df1a2030
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
2da2d73c0aacc99bd013e8dfb77193d7390c41d640f8a140c9d3ae33abdfe748
2e73b2629357dc519ea2cc71b696a6d4395e3d00205b9af0ec1f1074adfbebaf
306b0d4768246ba448fa14872f6b5d7dcfcf3734fb3c9b68f9041cf86884c6ce
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3abec75692735d0664a10337b1403620f8edf2b4cb4b9fc5216dea2e623b1f34
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3f85f9f44568e096e459e14198c1600cb30afccaf85d181e034c340154e11772
419d6e9bdaf94d2758192e1312e13ffc6b885f2c37a36734f1dd414abee83a2c
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
44c1e4738705bab988e778131a999b93fd5f1f5f1d815f3bb652c6434fc9c992
461d0d61f20b966efed9a0934044786d247e2d0fc92ffc9a9b11e3f662ed8077
46354f041f1d15b2ef3ae63228cb7116fa498f180ea9e49e442f1a561aedf7d2
46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7
4b72638b6211bb2815e7a7eb4baa0ff7f857e55cd26e771f532642ea43caba3a
4d6c1d607c4973c8583c81948b2678a9c6a2d51e1ff612583af289b1cc468627
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
539aff846b53091b87d529c32adb7793b802220256609c3a260971dafc8e7481
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5748790434e383a3d694458b55bd0de2b51b178b5db5de7efbad79182fef9c2d
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
581a118e4a2b33f2d2738b1e0a946a0223e9e6d0bcc579463148d6ea1d089cf4
58ea8b29d6afc005b192346e10f8c92f40f4c7ce3e73596a40f7b9860e970269
5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a
597514d432ff2059b3e477385c44fb38d44c73f5d640eebe645cf3b340bcff56
5af5133459a08aaab60f1340c731b242ee78b77d9143f76c47101c04dc900d48
5cbff04625cdeb18dccddaed89e5f582f300b6fd3c3a9db885ac2610801f94a4
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
698cd435eec4c16ebf0fc24cf4dd5aca96d7b96a1b017742f5a98b403a4a6b92
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
6cc9c86dffdc7a5561248572b3869aae818e12cac55433c035dcef7c350a126f
6ef3a96924cdd39f4ebd6efe627eab4d9ad621850e29abcc0b8b6d65cbe95268
71e905aff9bad1d3b5a783336fcdd013cc97beb8985e4cd2cf7d195925a48211
72b423a0123fcab2438d70ce28a79c637526d650b9313a4d88b9ae3b9c450230
783f1ec750040fa3f6639c6e97895ebee354f60199a3879b02f2a0764d2a9935
78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d
79b11c988e0926dcb77087f3c39a3c72f7226421b7992fa1aecbf89634906a48
79d8bfb0ff06d8516e46d4457bd951ed893d2deed31ab348227e06c91a5a35cf
7be2d7ed2b898c81c831a0c33ab73638a50f2e7d277eda934c291f787d354c8c
7d8f9f49d3876ee779a842453bf2fce64102ebb39ee06b87018573b41d6458e7
7e24f54da1bb87e345887039266fc4daf031c46cb9db57ec6aad8453228893ec
7ed17775731ec99f940c02d17c8944d31c3e2f6d2884369af025e47285468720
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b755aabb87e872238b42a2ae96fef3a5ea66cc74372fa02a9f98e9787730b6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858a82228958a3c8de474987772f997f6feeab666d6a34ac740b01fe81f69cac
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89883270ecd3fd6c1f20edf2008ed776a34c017f95ce34ccf1568c900c302474
8aafa41dda6af82cd7b77cf06c811c75134776cb26749a3732896e3a84466ef9
8bf08a79b40655c8d77d19af5a176e0173270c34c564c7685493475f2389f1f6
8bfcec07978309844d788b4ade223b49ba0be250c0da82fa94d7477842db1e6a
8c4c71b0169b02ae8c5a0ba34b1acccfe2c52589f2ab3457edce9db2c7b53f58
8c83e8a58f1d0c88d1574a24d528a31d7804cdd0741235010bf4ce5ffd30b878
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8ed0cf160f028d85bf93923fb8db62e21e060f2d25c0d7993a61685d1752c67c
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
9355d473ab5d34051c509a59390e426d2216a4b023b648ba640909f83d91b3ee
936f37306809457213940ba4f079763d702b10fbdfebefc36797b4f2f397e27a
943a999ed495950eddd1f4f5619d858a3d88ddb88ec591e75eaa1ad5e6bc4111
947e1a412a7029adb192c13ccfcfc4954e27db255a68bbf67271e3fc1a98c3a6
94f2901eb6f3003e812b3ff5ebdeca3044611aff20f9b4573e298207a93a4e96
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0
9df1ec2073602e65dfca1b750708bf12fabf11be7f6a6c77a489eb8e61de4d73
9f036563446cf05e238dc8eba66197fd0e3acd75f906eb7417760b847a71699c
9f90c841a0a04481810afcd958b481b97c0a49af9bf4f1718d6ba9e979144f59
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a77bb1b8bfef4a56cbbb32a3f0db155355f7259e1505797dcce1c128be3a97a1
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b0fb597c967296a3b83f913d20609d2c1606fe1a2ffd9396ab3a21f0d85825e5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
ba1b5ba457e3244bfc1b5e32428086b59e9738588b18a6620b9b437b31e48211
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bff43b039b0456ba77351fab46b4cda3242b187fd854f1ec49d30fdcc0a9b8b5
c0a2b045ae77a754641461e6cd3a5db59b956dae5aa77afe3e972f6472c18087
c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c88dc87682c30bebeb344ddd6d38d41bf200bc251eb9f3c93d1d197cd1fb343d
c89a8bee77d21587af1a9e0dcd26a779b62436084eaf136c354ff1bf39f2c280
c8a2a5036e3f18e5c502cdcec0a5481743fcc0a9bd1f3657e005d3fbfc024573
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cfe027020696c17e347c93e23e60de05056c2b7c6763bb31e168f073d8dd421a
d131f606d30ed1784f3ed4183977c23e9f299039ca280631f276e60148f685e0
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d389dfb1f8a8165c3165310fbf7e097d9ecf49ae4dc09c7cfa175352af5cbb01
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2
dbdaa18955ec9d111f51bc2c7699ef739cd7723971b733ae64c50d2e6a469046
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df5b52f0f8815f309368736abcbf718b9e87c09df2732e16fdcba0bb5ca6fa02
e051e0747e00cbf46985db2f3d8017641dd2e9bb729dfbddd01b99ab0d3983f5
e1a478b48c8e190782382190951e6410356f384923c3c79e0470935cde4bbdfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e5d1ee4046ceeb81d3e43309d053b423b87018e60c4cf0dd8ee7c5d3e9e90465
e6b5a31adfee118c8237eff15320c8597bffdcc74c24c78f15a84c21ebdb4df4
e78b6aff6ca28b3e3b52739202ea334490d5c3eb7ffbb1bf35c1463309fb8ef6
e95a78edf0c7565f3f43777ed485a6e3370fa00b3df141fad921ad45158eeac9
e98837865b2761c929953b75932081ba48ddc8faff2c357592e60838551f6481
ebbd64fa7d5f7e973f6553c0daa7b95e81e46f1a0a203d315ac1f4dd1e3f10e1
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef852f8a2529e275693793732660a37ace40b898ff3c64c71f1418fdcaad7794
f07c663622a18c44cda247f3a8960fd16533419c60f38a6bd204d443f6fcd40e
f341e12f7cfd1002b96791f4058b98f42e8d98ef90cf649b643e9ea2ce5b47a2
f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a
f575d629b539dfe8d8925621fa60729e64e64ae2a6ca371c215d560710bb61f8
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f7bbfcc69139efba60b49cc7eb91d59bbe82081daad57056d5be5763fe8ab508
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff1b277f5f04deff0a69474f2616c18775058f967f7b9e8dea7b27c0aca9bd6f
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

capitolcanary.com Open in urlscan Pro 141.193.213.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

203 Requests

97 %HTTPS

42 %IPv6

32 Domains

48 Subdomains

45 IPs

6 Countries

2369 kBTransfer

7182 kBSize

38 Cookies

3 Outgoing links

Page URL History

Redirected requests

203 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

capitolcanary.com Open in urlscan Pro
141.193.213.11 Public Scan

Screenshot
Live screenshot

Full Image

203
Requests

97 %
HTTPS

42 %
IPv6

32
Domains

48
Subdomains

45
IPs

6
Countries

2369 kB
Transfer

7182 kB
Size

38
Cookies

203 HTTP transactions
0 data transactions