redcanary.com Open in urlscan Pro
104.198.136.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://i.redcanary.com/MDAzLVlSVS0zMTQAAAF7nPYTScSQKaO75mQWBnIMswSjVoPsdT8yTKNl_ndNTIwkAiNA3tZFm4beiahQ6v3XfDuxBqA=
Effective URL:
https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Di...
Submission: On March 04 via manual (March 4th 2021, 6:58:02 pm UTC) from KW

Summary HTTP 153 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 30 domains to perform 153 HTTP transactions. The main IP is 104.198.136.223, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is redcanary.com.
TLS certificate: Issued by R3 on February 20th 2021. Valid for: 3 months.

This is the only time redcanary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	104.198.136.223 104.198.136.223	15169 (GOOGLE) (GOOGLE)
4	68.232.35.12 68.232.35.12	15133 (EDGECAST) (EDGECAST)
6	104.16.93.80 104.16.93.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	104.109.95.62 104.109.95.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	104.111.233.140 104.111.233.140	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
68	65.9.96.127 65.9.96.127	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.113.140 151.101.113.140	54113 (FASTLY) (FASTLY)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f006:21:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
2	18.158.85.13 18.158.85.13	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f106:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	99.84.158.21 99.84.158.21	16509 (AMAZON-02) (AMAZON-02)
6	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
1	18.215.11.20 18.215.11.20	14618 (AMAZON-AES) (AMAZON-AES)
4	34.204.215.213 34.204.215.213	14618 (AMAZON-AES) (AMAZON-AES)
2	18.204.181.250 18.204.181.250	14618 (AMAZON-AES) (AMAZON-AES)
1	52.216.153.62 52.216.153.62	16509 (AMAZON-02) (AMAZON-02)
153	37

1 104.17.74.206 (United States)

ASN13335 (CLOUDFLARENET, US)

i.redcanary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.198.136.223 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 223.136.198.104.bc.googleusercontent.com

redcanary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.232.35.12 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.93.80 (United States)

ASN13335 (CLOUDFLARENET, US)

app-sj28.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.95.62 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-109-95-62.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.233.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-140.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

68 65.9.96.127 (United States)

ASN16509 (AMAZON-02, US)

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f006:21:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.85.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-85-13.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f106:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.158.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-158-21.txl52.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.11.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-11-20.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.204.215.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-215-213.compute-1.amazonaws.com

targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.204.181.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-181-250.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.153.62 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	driftt.com js.driftt.com	730 KB
13	drift.com metrics.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com	7 KB
12	redcanary.com i.redcanary.com redcanary.com	1 MB
6	marketo.com app-sj28.marketo.com	142 KB
5	gstatic.com fonts.gstatic.com	57 KB
5	google-analytics.com www.google-analytics.com	71 KB
5	6sc.co j.6sc.co c.6sc.co b.6sc.co	8 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	33 KB
4	crazyegg.com script.crazyegg.com	67 KB
3	bizible.com cdn.bizible.com	34 KB
2	facebook.com www.facebook.com	308 B
2	google.de www.google.de	196 B
2	google.com www.google.com	197 B
2	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	1 KB
2	6sense.com epsilon.6sense.com	296 B
2	facebook.net connect.facebook.net	92 KB
2	marketo.net munchkin.marketo.net	6 KB
2	googletagmanager.com www.googletagmanager.com	105 KB
1	amazonaws.com s3.amazonaws.com	10 KB
1	driftcdn.com embeds.driftcdn.com	6 KB
1	twitter.com analytics.twitter.com	283 B
1	reddit.com alb.reddit.com	125 B
1	t.co t.co	170 B
1	linkedin.com px.ads.linkedin.com	606 B
1	bizibly.com cdn.bizibly.com	203 B
1	adnxs.com secure.adnxs.com	702 B
1	googleadservices.com www.googleadservices.com	12 KB
1	redditstatic.com www.redditstatic.com	6 KB
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
153	30

	Domain	Requested by
68	js.driftt.com	redcanary.com js.driftt.com
11	redcanary.com	i.redcanary.com redcanary.com
6	metrics.api.drift.com	js.driftt.com
6	app-sj28.marketo.com	redcanary.com app-sj28.marketo.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdn.bizible.com
4	targeting.api.drift.com	js.driftt.com
4	script.crazyegg.com	redcanary.com script.crazyegg.com
3	c.6sc.co	j.6sc.co
3	fonts.googleapis.com	redcanary.com js.driftt.com
3	cdn.bizible.com	redcanary.com cdn.bizible.com
2	event.api.drift.com	js.driftt.com
2	www.facebook.com	redcanary.com connect.facebook.net
2	www.google.de	redcanary.com
2	www.google.com	redcanary.com
2	epsilon.6sense.com	cdn.bizible.com
2	connect.facebook.net	i.redcanary.com connect.facebook.net
2	munchkin.marketo.net	redcanary.com munchkin.marketo.net
2	www.googletagmanager.com	redcanary.com
1	s3.amazonaws.com	js.driftt.com
1	bootstrap.api.drift.com	js.driftt.com
1	embeds.driftcdn.com	js.driftt.com
1	stats.g.doubleclick.net	cdn.bizible.com
1	analytics.twitter.com	static.ads-twitter.com
1	alb.reddit.com	redcanary.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	t.co	redcanary.com
1	b.6sc.co	redcanary.com
1	px.ads.linkedin.com	redcanary.com
1	cdn.bizibly.com	redcanary.com
1	secure.adnxs.com	j.6sc.co
1	www.googleadservices.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	ajax.googleapis.com	redcanary.com
1	j.6sc.co	redcanary.com
1	i.redcanary.com
153	38

This site contains links to these domains. Also see Links.

Domain
slack.atomicredteam.io
help.redcanary.com
twitter.com
www.linkedin.com
virustotal.github.io
blog.netlab.360.com
golang.org
github.com
www.youtube.com

Subject Issuer	Validity	Valid
i.redcanary.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
redcanary.com R3	`2021-02-20` - `2021-05-21`	3 months	crt.sh
io.bizible.com DigiCert SHA2 Secure Server CA	`2020-12-14` - `2021-11-15`	a year	crt.sh
app-sj28.marketo.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2020-01-07` - `2021-04-07`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-07-06`	6 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
*.6sense.com Amazon	`2020-07-29` - `2021-08-28`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-07-06`	6 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.driftcdn.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Frame ID: B16E882C550EA05FA904982763621054
Requests: 68 HTTP requests in this frame

Frame: https://app-sj28.marketo.com/index.php/form/XDFrame
Frame ID: 135D3AAD1B7819BFFB00B37EC69FEBEA
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
Frame ID: CE770350E2023DBB12223E2827E7C2F8
Requests: 38 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat
Frame ID: 3B5E5ACA8BA5719E07E9ED272BA42512
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://i.redcanary.com/MDAzLVlSVS0zMTQAAAF7nPYTScSQKaO75mQWBnIMswSjVoPsdT8yTKNl_ndNTIwkAiNA3tZFm4be... Page URL
https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&ut... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

153
Requests

100 %
HTTPS

44 %
IPv6

30
Domains

38
Subdomains

37
IPs

4
Countries

2791 kB
Transfer

6455 kB
Size

18
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://slack.atomicredteam.io/
Title: Join us on Slack

Search URL Search Domain Scan URL

URL: https://help.redcanary.com/hc/en-us
Title: Customer Help Center

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://redcanary.com/blog/process-memory-integrity-code/&text=Here%E2%80%99s%20how%20you%20can%20use%20Process%20Memory%20Integrity%20to%20detect%20fileless%20or%20obfuscated%20malware%20on%20Linux%20systems.
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F&title=Identifying+suspicious+code+with+Process+Memory+Integrity&summary=Here%E2%80%99s+how+you+can+use+Process+Memory+Integrity+to+detect+fileless+or+obfuscated+malware+on+Linux+systems.&source=RedCanary
Title:

Search URL Search Domain Scan URL

URL: https://virustotal.github.io/yara/
Title: a pattern-matching swiss knife for malware researchers

Search URL Search Domain Scan URL

URL: https://blog.netlab.360.com/blackrota-an-obfuscated-backdoor-written-in-go-en/)
Title: Blackrota

Search URL Search Domain Scan URL

URL: https://golang.org/
Title: Go

Search URL Search Domain Scan URL

URL: https://github.com/unixpickle/gobfuscate
Title: gobfuscate

Search URL Search Domain Scan URL

URL: https://twitter.com/redcanary
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/redcanary/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCulDoWwoy0vNvRwl2tVX3-w
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://i.redcanary.com/MDAzLVlSVS0zMTQAAAF7nPYTScSQKaO75mQWBnIMswSjVoPsdT8yTKNl_ndNTIwkAiNA3tZFm4beiahQ6v3XfDuxBqA= Page URL
https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

153 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MDAzLVlSVS0zMTQAAAF7nPYTScSQKaO75mQWBnIMswSjVoPsdT8yTKNl_ndNTIwkAiNA3tZFm4beiahQ6v3XfDuxBqA= Show response
i.redcanary.com/ 588 B
1 KB 255ms
200ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i.redcanary.com/MDAzLVlSVS0zMTQAAAF7nPYTScSQKaO75mQWBnIMswSjVoPsdT8yTKNl_ndNTIwkAiNA3tZFm4beiahQ6v3XfDuxBqA=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e9ceb248e77f6d82c9350cf9641f83de83a996ae73e71c53f7f3dacd00135f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: i.redcanary.com
:scheme: https
:path: /MDAzLVlSVS0zMTQAAAF7nPYTScSQKaO75mQWBnIMswSjVoPsdT8yTKNl_ndNTIwkAiNA3tZFm4beiahQ6v3XfDuxBqA=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
content-type: text/html
set-cookie: __cfduid=d15bd4690d1fb4f7d8f1e4956abbf52a81614884263; expires=Sat, 03-Apr-21 18:57:43 GMT; path=/; domain=.i.redcanary.com; HttpOnly; SameSite=Lax __cf_bm=eddf9ccaa09ee1c5fdcef8cefc4cb372197d50fc-1614884264-1800-AcRLqCEXmneVr3CXcf316g2SUqQsrU3y7Df0NMb88Sfgcu8JddarTzMFYgfrYeJ/ghyYRD4dvhj+hQRYPSwmsRg=; path=/; expires=Thu, 04-Mar-21 19:27:44 GMT; domain=.i.redcanary.com; HttpOnly; Secure; SameSite=None
cache-control: private, no-cache, no-store, max-age=0
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 08a0336fbb00004bf576a4e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 62ad54f929494bf5-AMS
content-encoding: gzip

GET
H2 200 Primary Request / Show response
redcanary.com/blog/process-memory-integrity-code/ 768 KB
97 KB 410ms
160ms Document
text/html 104.198.136.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A

Requested by

Host: i.redcanary.com
URL: https://i.redcanary.com/MDAzLVlSVS0zMTQAAAF7nPYTScSQKaO75mQWBnIMswSjVoPsdT8yTKNl_ndNTIwkAiNA3tZFm4beiahQ6v3XfDuxBqA=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

223.136.198.104.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

6ee6500e4cc86d73d0463644087f9e5d33efd792628069a59e9cde92d18d064a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: redcanary.com
:scheme: https
:path: /blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://i.redcanary.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://i.redcanary.com/

Response headers

server: nginx
date: Thu, 04 Mar 2021 18:57:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
content-security-policy: upgrade-insecure-requests
link: <https://redcanary.com/wp-json/>; rel="https://api.w.org/" <https://redcanary.com/wp-json/wp/v2/posts/26742>; rel="alternate"; type="application/json" <https://redcanary.com/?p=26742>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block 1; mode=block
referrer-policy: no-referrer
feature-policy: microphone 'none'; geolocation 'none'
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 86 KB
33 KB 68ms
16ms Script
application/x-javascript 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA7) /
Resource Hash: c9b6ca2b06e64af35e9b40c7c2c73b9833be919d0a5afa5703ec91b81f8948d9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 18:51:20 GMT
server: ECS (amb/6BA7)
age: 66790
etag: "2ca3f3895fd71:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 33770

GET
H2 200 forms2.min.js Show response
app-sj28.marketo.com/js/forms2/js/ 204 KB
68 KB 83ms
43ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj28.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 16 Jan 2021 05:47:07 GMT
server: cloudflare
age: 3311
etag: "30a13b4-33187-5b8fe04ed266a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 62ad54fd99f70bf9-AMS
cf-request-id: 08a033728000000bf90508d000000001
expires: Thu, 04 Mar 2021 22:57:44 GMT

GET
H2 200 9416.js Show response
script.crazyegg.com/pages/scripts/0096/ 4 KB
4 KB 30ms
12ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0096/9416.js
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23964dce64442ebe766c90bd39b56dc7fe2780603e112615e33097de4465856f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
cf-cache-status: HIT
age: 15180
cf-polished: origSize=4157
ce-version: 11.1.244
content-length: 4156
cf-request-id: 08a03372b900002b4d8511a000000001
timing-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:44:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, no-transform, s-maxage=1209600
accept-ranges: bytes
cf-ray: 62ad54fdfa982b4d-FRA
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 137 KB
53 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

907ed86d3e6ff080a5b8c1e92371686db54eb7d94edd377cd8aafcb59b0b0b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53770
x-xss-protection: 0
expires: Thu, 04 Mar 2021 18:57:44 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 83ms
31ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 18:57:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 153 KB
52 KB 64ms
49ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c81cf6e43aba68af5932066a320b13eab407621a4b66cdf37c51b3921c10cbca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53084
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 18:57:44 GMT

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 15 KB
7 KB 75ms
27ms Script
application/javascript 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/6si.min.js
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-140.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7f072dbb779b20cea6866f3f8d398af9cafe418e7e038aa0702feddf741f040c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 18:57:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Feb 2021 06:46:48 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6018f558-3ab9"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 6144

GET
H2 200 9416.json Show response
script.crazyegg.com/pages/data-scripts/0096/ 2 KB
1 KB 30ms
17ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0096/9416.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0096/9416.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eb36493c205dad29a2aa3dec05829192cc7232f7e138ea1ddbf2ef7bfca2601

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 15180
ce-version: 11.1.244
content-length: 846
cf-request-id: 08a03372f200001f4d3b138000000001
timing-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:44:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, no-transform, s-maxage=1209600
accept-ranges: bytes
cf-ray: 62ad54fe4d101f4d-FRA

POST
H2 204 collect
www.google-analytics.com/g/ 0
70 B 13ms
12ms Other
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-T3K4MTNQJN&gtm=2oe2o0&_p=927993443&sr=1600x1200&ul=en-us&cid=1670393001.1614884265&_s=1&dl=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3DBlog%2520Digest-2021-03-04T09%3A00%3A20.949-07%3A00%26mkt_tok%3DMDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A&dr=https%3A%2F%2Fi.redcanary.com%2F&dt=&sid=1614884264&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 18:57:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://redcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.1.244.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 61 KB
61 KB 14ms
12ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.244.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0096/9416.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6266a888d4fa5012bf6eb30ba780b62b5699c5b9e5479912247541405e3f818

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
cf-cache-status: HIT
age: 42518
cf-polished: origSize=62272
content-length: 62089
cf-request-id: 08a033734400002b4d8ea86000000001
timing-allow-origin: *
last-modified: Tue, 23 Feb 2021 13:37:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, no-transform, s-maxage=31536000
accept-ranges: bytes
cf-ray: 62ad54fedbed2b4d-FRA
cf-bgj: minify

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 12:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24696
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 12:06:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
877 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,700%7CSource+Sans+Pro:300,400,600,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdee0bdf158608e38d3bcd6b366e550c9177c6961037c4d4226d3734121639dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 18:57:44 GMT
server: ESF
date: Thu, 04 Mar 2021 18:57:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Mar 2021 18:57:44 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 30ms
29ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 18:57:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Sat, 12 Jun 2021 18:57:44 GMT

GET
H2 200 wp-embed.min.js Show response
redcanary.com/wp-includes/js/ 1 KB
947 B 115ms
115ms Script
application/javascript 104.198.136.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://redcanary.com/wp-includes/js/wp-embed.min.js
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.136.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 15:18:33 GMT
server: nginx
etag: W/"601032c9-592"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 autoptimize_47a5cb5e4c07162fd03a9cbd76104c25.js Show response
redcanary.com/wp-content/cache/autoptimize/js/ 260 KB
77 KB 131ms
130ms Script
application/javascript 104.198.136.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://redcanary.com/wp-content/cache/autoptimize/js/autoptimize_47a5cb5e4c07162fd03a9cbd76104c25.js
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.136.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e51fa52e21335b987bd49009447c0f0c64ae8bbbbed67d985304454b0d586fb8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
content-encoding: br
last-modified: Thu, 04 Mar 2021 16:44:12 GMT
server: nginx
etag: W/"60410e5c-4114e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 65zait4t5ws7.js Show response
js.driftt.com/include/1614884400000/ 204 KB
59 KB 259ms
169ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1614884400000/65zait4t5ws7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8c85027ce7d8fd04735f1d1c6cde17124379cb10e5b849359310f6696cf09578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: GrV9sHyOrltBX0p2DvJyqL38s4NaqgKJ
content-encoding: gzip
etag: W/"7ecb5e776a08b8f07dd55c990d390d95"
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 16:24:09 GMT
server: nginx
date: Thu, 04 Mar 2021 18:57:44 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cY9fPgWGJM1A5KtQiieWMLH_WIx7f1h60Ou1Z8_Nb1n7amQGxqjeJQ==

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17e8f321c55e7ffaace052b6dba9a6331ab672f4a991a3ecc46104f2c7af9f6d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 792049b34f71eb1f59cecc90beff91d411ea7a9757d8cd55cfbfea1fee1b7a9a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d815f0f2d87f5c500f9411128fe90456908487dfa901b729816ef974df083eb8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 arrow-slider-next.svg
redcanary.com/wp-content/themes/redcanary/assets/img/ 527 B
553 B 206ms
206ms Image
image/svg+xml 104.198.136.223
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcanary.com/wp-content/themes/redcanary/assets/img/arrow-slider-next.svg
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.136.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 929169823afc0c1b96ebabd781fe0211e432d8eb455ab15c8f661c3f6322d597

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
content-encoding: br
last-modified: Wed, 27 Feb 2019 15:51:01 GMT
server: nginx
etag: W/"5c76b1e5-20f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bullet-square.svg
redcanary.com/wp-content/themes/redcanary/assets/img/ 923 KB
696 KB 206ms
205ms Image
image/svg+xml 104.198.136.223
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcanary.com/wp-content/themes/redcanary/assets/img/bullet-square.svg
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.136.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c3137bd10d40a7ce2eeaf817144a88f7ec0086608fece9e7c2b58dc7e8ef871f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
content-encoding: br
last-modified: Wed, 27 Feb 2019 15:51:04 GMT
server: nginx
etag: W/"5c76b1e8-e6a7c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 getForm Show response
app-sj28.marketo.com/index.php/form/ 3 KB
2 KB 480ms
480ms Script
application/javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj28.marketo.com/index.php/form/getForm?munchkinId=003-YRU-314&form=1034&url=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F&callback=jQuery112402675001514225688_1614884264660&_=1614884264661

Requested by

Host: app-sj28.marketo.com
URL: https://app-sj28.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

234243aa3a492254b3d0d3ce2f2cbc3c61e2ad91cbf241174a398e4cbc717b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cached: false
strict-transport-security: max-age=63113904
cf-ray: 62ad54ff9f8f0bf9-AMS
cf-request-id: 08a03373c200000bf9c786f000000001

GET
H2 200 globe-white-right.png
redcanary.com/wp-content/themes/redcanary/assets/img/ 259 KB
260 KB 162ms
162ms Image
image/png 104.198.136.223
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcanary.com/wp-content/themes/redcanary/assets/img/globe-white-right.png
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.136.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d3d589e680bc49f54cb5721723fc2ec1a68d5e8ce3946db7192fb0d207e9b6cf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
last-modified: Wed, 27 Feb 2019 15:51:11 GMT
server: nginx
etag: "5c76b1ef-40da2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 265634

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 22ms
22ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 65196
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1614884265.943826,VS0,VE0
x-served-by: cache-hhn11576-HHN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 28ms
12ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 18:57:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=75294
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 18 KB
6 KB 70ms
22ms Script
application/javascript 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e80ddf3eef44b5e1eb4decb66700685245e47896a94e971bd8ea906c35d61d00

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 27 Jan 2021 22:32:09 GMT
server: snooserv
etag: "8e0821fb80cc4328dc38d8f75915b82b"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 5905

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 32 KB
12 KB 33ms
33ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0fadbe1e06ca947cfe99260be96d47e427e047adb36abc1569b6650969de845c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12508
x-xss-protection: 0
server: cafe
etag: 14827443887830809553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 04 Mar 2021 18:57:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 13ms
13ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: i.redcanary.com
URL: https://i.redcanary.com/MDAzLVlSVS0zMTQAAAF7nPYTScSQKaO75mQWBnIMswSjVoPsdT8yTKNl_ndNTIwkAiNA3tZFm4beiahQ6v3XfDuxBqA=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: TgwqlzHEJNkxxbZN8HRTYP+mxPG9Y6yaV0wDsZKyppz2lJ5b7ZWlP1gH4KDRzv6Ne8RON54VykoVH2CVD/LXkg==
x-fb-trip-id: 1425083115
x-frame-options: DENY
date: Thu, 04 Mar 2021 18:57:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
369 B 72ms
23ms XHR
text/plain 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2e9eae55602d25a7699516eaffc8d71b399c9ff1fc32840e41ec08ccd051a762

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 18:57:45 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://redcanary.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
702 B 67ms
34ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 18:57:45 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid: 4510c765-a946-48ef-bdd0-814ccdd03f50
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://redcanary.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
369 B 68ms
23ms XHR
text/plain 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2e9eae55602d25a7699516eaffc8d71b399c9ff1fc32840e41ec08ccd051a762

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 18:57:45 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://redcanary.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
369 B 68ms
24ms XHR
text/plain 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2e9eae55602d25a7699516eaffc8d71b399c9ff1fc32840e41ec08ccd051a762

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 18:57:45 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://redcanary.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,700%7CSource+Sans+Pro:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://redcanary.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 22:44:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
age: 159218
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12976
x-xss-protection: 0
expires: Wed, 02 Mar 2022 22:44:06 GMT

GET
H3-Q050 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,700%7CSource+Sans+Pro:300,400,600,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://redcanary.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 05:19:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:08 GMT
server: sffe
age: 49068
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13224
x-xss-protection: 0
expires: Fri, 04 Mar 2022 05:19:56 GMT

GET
H3-Q050 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,700%7CSource+Sans+Pro:300,400,600,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://redcanary.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 14:56:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 100895
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Thu, 03 Mar 2022 14:56:09 GMT

GET
H2 200 9416.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0096/ 162 B
266 B 12ms
12ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0096/9416.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.244.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08dd243c7bd90cf131044c7517bdeb27121760ef86d394c13aeaedc7380c7878

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 15179
ce-version: 11.1.244
content-length: 147
cf-request-id: 08a033741b00001f4de7b02000000001
timing-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:44:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, no-transform, s-maxage=1209600
accept-ranges: bytes
cf-ray: 62ad55002fb81f4d-FRA

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
327 B 17ms
16ms Image
image/gif 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=https%3A%2F%2Fi.redcanary.com%2F&_biz_h=-1906410348&_biz_u=aca533f710fe409c954ce8b59621ae77&_biz_s=34b954&_biz_l=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3DBlog%2520Digest-2021-03-04T09%3A00%3A20.949-07%3A00%26mkt_tok%3DMDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A&_biz_t=1614884264623&_biz_i=null&_biz_n=0&a=redcanary.com&rnd=957184&cdn_o=a&_biz_z=1614884265005
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B75) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 18:57:45 GMT
last-modified: Fri, 26 Feb 2021 01:58:29 GMT
server: ECS (amb/6B75)
age: 579556
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
203 B 18ms
16ms Image
image/gif 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=aca533f710fe409c954ce8b59621ae77&_biz_s=34b954&_biz_l=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3DBlog%2520Digest-2021-03-04T09%3A00%3A20.949-07%3A00%26mkt_tok%3DMDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A&_biz_t=1614884265008&_biz_i=Identifying%20suspicious%20code%20with%20Process%20Memory%20Integrity&a=redcanary.com&rnd=807257&cdn_o=a&_biz_z=1614884265008
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B97) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 18:57:45 GMT
last-modified: Fri, 26 Feb 2021 00:54:43 GMT
server: ECS (amb/6B97)
age: 583382
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 1042590016249604 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 14ms
14ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1042590016249604?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa6fca54a3315fadb68f1fb8bff0663ae54e058173d868c16476f418b339393e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70584
x-fb-rlafr: 0
pragma: public
x-fb-debug: Sfd2WrgsWLYRXWMCk8F+dJS+S1RhOguKBmQ+hIkd0palM0INVey8NB+M5FWLy/qp3TeYAKUM2EkPjIYZ7zuCZg==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 18:57:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect
px.ads.linkedin.com/ 0
606 B 519ms
198ms Image
application/javascript 2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1614884265030&url=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3DBlog%20Digest-2021-03-04T09%3A00%3A20.949-07%3A00%26mkt_tok%3DMDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: vcWe8q44aRawfsTELisAAA==

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 251ms
204ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=&visitor=e27f7614-a311-4543-882e-9790195d1bec&session=8fc20e00-d469-4036-8871-1d4f920070e8&event=a_pageload&q=%7B%7D&isIframe=false&m=%7B%22description%22%3A%22Here%E2%80%99s%20how%20you%20can%20use%20Process%20Memory%20Integrity%20to%20detect%20fileless%20or%20obfuscated%20malware%20on%20Linux%20systems.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Identifying%20suspicious%20code%20with%20Process%20Memory%20Integrity%22%7D&cb=84265038&r=https%3A%2F%2Fi.redcanary.com%2F&thirdParty=%7B%7D&pageURL=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3DBlog%2520Digest-2021-03-04T09%3A00%3A20.949-07%3A00%26mkt_tok%3DMDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 18:57:45 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

OPTIONS
H2 200 details
epsilon.6sense.com/v1/company/ Frame 0
0 70ms
22ms Preflight 18.158.85.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v1/company/details
Protocol: H2
Server: 18.158.85.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-85-13.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,epsiloncookie
Origin: https://redcanary.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
server: nginx
access-control-allow-origin: https://redcanary.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET
access-control-allow-headers: authorization,epsiloncookie

GET
H2 200 details Show response
epsilon.6sense.com/v1/company/ 130 B
296 B 71ms
26ms XHR
application/json 18.158.85.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v1/company/details
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.85.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-85-13.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 20d66ce421482be8d45bfff82b593bbcd30345b442750f1c91c3682613408dc6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Authorization: Token 5056c3929c3198270386ced81b434006bcef81be
EpsilonCookie: 0ebb1002ba2d0000a82d41603f030000bccf0100

Response headers

access-control-allow-origin: https://redcanary.com
date: Thu, 04 Mar 2021 18:57:45 GMT
access-control-allow-credentials: true
server: nginx
content-length: 130
vary: Accept-Encoding
content-type: application/json

GET
H2 200 button-right-arrow-white.svg
redcanary.com/wp-content/themes/redcanary/assets/img/ 350 B
470 B 147ms
147ms Image
image/svg+xml 104.198.136.223
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcanary.com/wp-content/themes/redcanary/assets/img/button-right-arrow-white.svg
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.136.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8edbf02936f4bbda931a228bd84f7b668522af07f3dfc33b5caee429e7febb85

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
content-encoding: br
last-modified: Wed, 27 Feb 2019 15:51:05 GMT
server: nginx
etag: W/"5c76b1e9-15e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 adsct
t.co/i/ 43 B
170 B 133ms
133ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o015g&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3DBlog%2520Digest-2021-03-04T09%3A00%3A20.949-07%3A00%26mkt_tok%3DMDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Thu, 04 Mar 2021 18:57:45 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3b95c91fdb8a4b68252fe636b5307794
x-transaction: 009eaf16009bae12
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/759876114/ 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/759876114/?random=1614884265059&cv=9&fst=1614884265059&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3DBlog%2520Digest-2021-03-04T09%3A00%3A20.949-07%3A00%26mkt_tok%3DMDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A&ref=https%3A%2F%2Fi.redcanary.com%2F&tiba=Identifying%20suspicious%20code%20with%20Process%20Memory%20Integrity&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f286fd232bf2d964f389717ea22eb30e8396a11c1fbedd495f2e570563a04a6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 18:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cta-background.jpg
redcanary.com/wp-content/uploads/2018/12/ 7 KB
7 KB 142ms
142ms Image
image/jpeg 104.198.136.223
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcanary.com/wp-content/uploads/2018/12/cta-background.jpg
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.136.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ecf6782eee74878f85da64d073a0707c4965f712d7eec6926ea4c9151228e100

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
last-modified: Mon, 09 Nov 2020 21:51:33 GMT
server: nginx
etag: "5fa9b9e5-1a18"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6680

GET
H2 200 RC-ThreatResearch1_wLinux_975x975.jpg
redcanary.com/wp-content/uploads/2021/01/ 58 KB
58 KB 142ms
142ms Image
image/jpeg 104.198.136.223
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcanary.com/wp-content/uploads/2021/01/RC-ThreatResearch1_wLinux_975x975.jpg
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.136.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 380c062f3ba5d03e580c4ff4a1e2c5bd4fc9df4bd11df67d33e7806a089c7081

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
last-modified: Mon, 11 Jan 2021 18:57:54 GMT
server: nginx
etag: "5ffc9fb2-e708"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 59144

GET
H2 200 Image-from-iOS-21-2-scaled.jpg
redcanary.com/wp-content/uploads/2021/02/ 195 KB
195 KB 142ms
142ms Image
image/jpeg 104.198.136.223
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcanary.com/wp-content/uploads/2021/02/Image-from-iOS-21-2-scaled.jpg
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.136.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b6da02a82c93eb167a5c2ea0182fe210fe729a6549c7c6ed15ddf97cbf6c921d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
last-modified: Wed, 24 Feb 2021 21:24:20 GMT
server: nginx
etag: "6036c404-30b70"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 199536

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 111 B
524 B 124ms
123ms Script
text/javascript 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=aca533f710fe409c954ce8b59621ae77&_biz_h=-1906410348&cdn_o=a&jsVer=4.21.02.25&a=redcanary.com
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBB) /
Resource Hash: 0e84fad76793a9c5b683df29a5826fef118cb8eb76d89509ac8acc96f48db8e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:44 GMT
content-encoding: gzip
server: ECS (amb/6BBB)
etag: 64BCF45E
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 215

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 179ms
132ms Image
image/gif 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1614884265072&id=t2_5kac730w&event=PageVisit&uuid=da7b47b8-0b31-4e5e-a96c-24a786bcdc41&s=sSGY6YEKlNa%2FnjywgeNSep8FarZXzsWYFc4AwaVGMfQ%3D
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H2 200 share-email.svg
redcanary.com/wp-content/themes/redcanary/assets/img/ 3 KB
2 KB 124ms
124ms Image
image/svg+xml 104.198.136.223
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcanary.com/wp-content/themes/redcanary/assets/img/share-email.svg
Requested by: Host: redcanary.com
URL: https://redcanary.com/blog/process-memory-integrity-code/?utm_source=redcanary&utm_medium=email&utm_campaign=Blog%20Digest-2021-03-04T09:00:20.949-07:00&mkt_tok=MDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.136.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4fe00ebc1aa4fc9a058b88c1b226a3feb16e330fab8af40f4c18de31f26837b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
content-encoding: br
last-modified: Wed, 27 Feb 2019 15:51:13 GMT
server: nginx
etag: W/"5c76b1f1-ca1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 /
www.google.com/pagead/1p-user-list/759876114/ 42 B
109 B 20ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/759876114/?random=1614884265059&cv=9&fst=1614880800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2o0&sendb=1&frm=0&url=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3DBlog%2520Digest-2021-03-04T09%3A00%3A20.949-07%3A00%26mkt_tok%3DMDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A&ref=https%3A%2F%2Fi.redcanary.com%2F&tiba=Identifying%20suspicious%20code%20with%20Process%20Memory%20Integrity&async=1&fmt=3&is_vtc=1&random=615237264&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 18:57:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/759876114/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/759876114/?random=1614884265059&cv=9&fst=1614880800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2o0&sendb=1&frm=0&url=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3DBlog%2520Digest-2021-03-04T09%3A00%3A20.949-07%3A00%26mkt_tok%3DMDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A&ref=https%3A%2F%2Fi.redcanary.com%2F&tiba=Identifying%20suspicious%20code%20with%20Process%20Memory%20Integrity&async=1&fmt=3&is_vtc=1&random=615237264&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 18:57:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
261 B 13ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1042590016249604&ev=PageView&dl=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3DBlog%2520Digest-2021-03-04T09%3A00%3A20.949-07%3A00%26mkt_tok%3DMDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A&rl=https%3A%2F%2Fi.redcanary.com%2F&if=false&ts=1614884265187&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614884265185.965844644&it=1614884265028&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 18:57:45 GMT

GET
H2 200 forms2.css
app-sj28.marketo.com/js/forms2/css/ 13 KB
3 KB 35ms
35ms Stylesheet
text/css 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj28.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-sj28.marketo.com
URL: https://app-sj28.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3110
vary: Accept-Encoding
content-length: 2623
cf-request-id: 08a03375a600000bf9300da000000001
last-modified: Wed, 06 Jan 2021 21:16:41 GMT
server: cloudflare
etag: "3360990-3437-5b841d6e0e040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 62ad5502a8690bf9-AMS
expires: Thu, 04 Mar 2021 22:57:45 GMT

GET
H2 200 forms2-theme-plain.css
app-sj28.marketo.com/js/forms2/css/ 828 B
363 B 38ms
38ms Stylesheet
text/css 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj28.marketo.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: app-sj28.marketo.com
URL: https://app-sj28.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4801
vary: Accept-Encoding
content-length: 246
cf-request-id: 08a03375a600000bf90a14b000000001
last-modified: Wed, 06 Jan 2021 21:16:41 GMT
server: cloudflare
etag: "30a0285-33c-5b841d6e0e040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 62ad5502a86d0bf9-AMS
expires: Thu, 04 Mar 2021 22:57:45 GMT

GET
H2 200 XDFrame Show response
app-sj28.marketo.com/index.php/form/ Frame 135D 2 KB
886 B 186ms
185ms Document
text/html 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj28.marketo.com/index.php/form/XDFrame

Requested by

Host: app-sj28.marketo.com
URL: https://app-sj28.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

983b740f301c9013623152fa4c12c6772f4e1eec28a3442a2895deff12e1da5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: app-sj28.marketo.com
:scheme: https
:path: /index.php/form/XDFrame
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cf_bm=19f6cd20ee2cfa5b82ef7c05b5b504a560e232cb-1614884264-1800-AUFjqLljDJRLZxSRHp8ymdTW58REZH3nHDU/8snlhdi2r2yqN/pi0pJ12K9FPBVGS3xANHvk8mn3mIG2oV4DYIU=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
content-type: text/html; charset=utf-8
content-length: 652
set-cookie: __cfduid=dcdef5897ce27f02bd961c28fa28644091614884265; expires=Sat, 03-Apr-21 18:57:45 GMT; path=/; domain=.app-sj28.marketo.com; HttpOnly; SameSite=Lax BIGipServersj28web-nginx-app_https=!Yf7S8ceisGeyu8TInuzRy4alk/3R/j9bEqpH4htw4I7fI3z6UKWpmFhTpq+JKK0ZTmME2SjDv584oA==;Path=/;Version=1;Secure;Httponly
cache-control: max-age=3600
strict-transport-security: max-age=63113904
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-request-id: 08a03375ec00000bf9da339000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 62ad550319620bf9-AMS

GET
H2 200 forms2.min.js Show response
app-sj28.marketo.com/js/forms2/js/ Frame 135D 204 KB
68 KB 48ms
47ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj28.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: app-sj28.marketo.com
URL: https://app-sj28.marketo.com/index.php/form/XDFrame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app-sj28.marketo.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 16 Jan 2021 05:47:07 GMT
server: cloudflare
age: 3312
etag: "30a13b4-33187-5b8fe04ed266a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 62ad55044c850bf9-AMS
cf-request-id: 08a03376af00000bf9c40f7000000001
expires: Thu, 04 Mar 2021 22:57:45 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
47 B 13ms
12ms Other
text/plain 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryR8yyxvGX0KLv36WF

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 04 Mar 2021 18:57:45 GMT
content-type: text/plain
access-control-allow-origin: https://redcanary.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 core Show response
js.driftt.com/ Frame CE77 3 KB
1 KB 156ms
156ms Document
text/html 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1614884400000/65zait4t5ws7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9234e5448ddb14925c7c9de5a264ec89a5b85023d786aad8a9f3305ffa0f373b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 04 Mar 2021 16:24:01 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: FEKlDYekMgVl4IycAof.lu3W8bG6SDov
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 04 Mar 2021 18:57:45 GMT
cache-control: no-cache
etag: W/"2a024b7d61cd8f26aa71abec8a96d959"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: KktdvaIUbUJV2_uKFv_S3HO9ey8yIHlP0T8gj6p4fugF5ZKSzsRLiw==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 3B5E 3 KB
1 KB 173ms
173ms Document
text/html 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1614884400000/65zait4t5ws7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9234e5448ddb14925c7c9de5a264ec89a5b85023d786aad8a9f3305ffa0f373b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 04 Mar 2021 16:24:01 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: FEKlDYekMgVl4IycAof.lu3W8bG6SDov
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 04 Mar 2021 18:57:45 GMT
cache-control: no-cache
etag: W/"2a024b7d61cd8f26aa71abec8a96d959"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: Ijzpy2Z6eCcm4GNYMg1Vkcx-tkVh0tfM_tfAOTg7IBPaBsCVJmDxcA==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
283 B 142ms
142ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o015g&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3DBlog%2520Digest-2021-03-04T09%3A00%3A20.949-07%3A00%26mkt_tok%3DMDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Thu, 04 Mar 2021 18:57:45 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: baff53e3bd03703cd05cef7578733853
x-transaction: 00da6a770034470f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3309
date: Thu, 04 Mar 2021 18:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 04 Mar 2021 20:02:36 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 86 KB
34 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KJTKFT3&t=gtm8&cid=1670393001.1614884265

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4fd45dcf0d28a53efe728bdc946e9fc3e36beb744be98ca5175fbb1d0edb4b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34833
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 18:57:45 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
54 B 12ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=927993443&t=pageview&_s=1&dl=https%3A%2F%2Fredcanary.com%2Fblog%2Fprocess-memory-integrity-code%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3DBlog%2520Digest-2021-03-04T09%3A00%3A20.949-07%3A00%26mkt_tok%3DMDAzLVlSVS0zMTQAAAF7nPYTSQUNMP3Ypq1_FONRx6wz77QWIxDCUtW6Q9RGMIraTnDUrCyGGVizBeabC1dd_GuRmNQlWlHBrwXY3z2gTKAJIOIqZ151b7JIt9A&dr=https%3A%2F%2Fi.redcanary.com%2F&ul=en-us&de=UTF-8&dt=Identifying%20suspicious%20code%20with%20Process%20Memory%20Integrity&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEADQAAAAC~&jid=1069243113&gjid=2111107231&cid=1670393001.1614884265&tid=UA-52702906-1&_gid=1759283094.1614884266&_r=1&gtm=2wg2o0PXWC8JW&z=1636559267

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 18:57:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://redcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3309
date: Thu, 04 Mar 2021 18:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 04 Mar 2021 20:02:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-52702906-1&cid=1670393001.1614884265&jid=1069243113&gjid=2111107231&_gid=1759283094.1614884266&_u=aCDAAEACQAAAAC~&z=1357232676

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 04 Mar 2021 18:57:45 GMT
content-type: text/plain
access-control-allow-origin: https://redcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
88 B 30ms
29ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-52702906-1&cid=1670393001.1614884265&jid=1069243113&_u=aCDAAEACQAAAAC~&z=1901920696

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 18:57:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
88 B 40ms
39ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-52702906-1&cid=1670393001.1614884265&jid=1069243113&_u=aCDAAEACQAAAAC~&z=1901920696

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 18:57:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime~main.97e907a9.js Show response
js.driftt.com/core/assets/js/ Frame CE77 5 KB
3 KB 47ms
44ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

32025fbba90f383d4280690159f1b3576ab22a85d1b47a4ce7db24181c6c0742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:18 GMT
server: nginx
etag: W/"ab15ec434d074f3ed2987d188f8547f6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jBJrVvkxlvWRep7iTqnp8hjsrEJsMCT_
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KeeSA6XSu98OeT1dOxuSk-zo4XGQb9vHT4BVRLO0f7VHBGQRkPokeg==

GET
H2 200 38.feef3c6b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 40 KB
12 KB 47ms
44ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

af8a20e6bd6c6de708d7aeffdd3afab1a47a00f91b53618d246cdb73410f147c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 5005104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"8a244bcbbb9c80ac041e954050101a6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EAw81v5LGEPk3kMeMMkNwSH0mzXiiQxP
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fuFDe-VHcM9bl8qd1ZxLTfiCvIyAGV8ZWUF5uVu4Cq7c6a2E_dLO4A==

GET
H2 200 22.c3832689.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 42 KB
12 KB 52ms
49ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.c3832689.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d5dd51858c25c8f35b6d808746ec3c11750d0b6796b607cf720fa3c86d6e1bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:50:37 GMT
content-encoding: gzip
age: 7531628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 07 Dec 2020 14:45:52 GMT
server: nginx
etag: W/"2b69413df831a59bc270b140595f3bee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _ZA.44L_Diojsmnq6OMoj9BsAdNThsMs
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N5cJvkrnI-P2pYLGvTT2a7PXD6W7FDlBmTqpDT7EEcwOAnvobYzzQQ==

GET
H2 200 13.a9247e5d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 70 KB
21 KB 52ms
49ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.a9247e5d.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a46a8c9098978eb78708da11a88cf5b7d8f3d691c499aa23a56938beebed5adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 01:09:19 GMT
content-encoding: gzip
age: 8704105
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 20 Nov 2020 20:50:31 GMT
server: nginx
etag: W/"905ca25975ecfcc9b76946365bc9cd59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 660LyZRt8o4SinLduDXcq9UwfKS.UKEd
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pme4gg7cIRphFuQLaszd9_yJCR9rWHIgggNwsdvuD_rM5YqIuQL_Nw==

GET
H2 200 30.d7884983.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 48 KB
15 KB 52ms
49ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.d7884983.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

93854156369ac26c93cb9cb6d7b78cb087e4c0727c27c18086ec516212c65822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"4e1b145be04e5bc76ea6d15f491a0174"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RQGg9Lzfff.JlTlK.NLmBXc6K0oL5gia
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1TPmQK0Abg_Cpl9Ld6p9K0JiBhJwMH0Kf3kepeizxLmA6ufvnxdFWQ==

GET
H2 200 12.8c7dd5ee.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 29 KB
8 KB 52ms
49ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.8c7dd5ee.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7f5c6e767ba72fae587de73bc9e9ebaf14a949042332953f90662c784c007809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 02:32:54 GMT
content-encoding: gzip
age: 6452691
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 19:28:56 GMT
server: nginx
etag: W/"0c6be271de03c613b6960dfc110e6734"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fkwP.MyvV55CD0Yn65OIykQI.uiiY8AV
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wn22jgvPgolOdtOybfLlLQl6x6_rK3ij-Jnr8gyJODSFJfe7y7AFrQ==

GET
H2 200 15.ba891359.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 39 KB
10 KB 52ms
49ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.ba891359.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2d3474f74f49ea05fe008ac0707fa6e2f3adba2b990b5c46d61f3a465023eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 02 Jan 2021 19:05:12 GMT
content-encoding: gzip
age: 5269953
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Dec 2020 20:31:28 GMT
server: nginx
etag: W/"c35bc9563c8d6e811ec2f39f529dc431"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ft1RZzs2RlELxQVxEKi_iVLKgdyfxiQI
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b-UWR_G4D2u5k_hsdFZ4AgNWJAu8otp2XGv1i-J8Z5bYL-zQjOqvag==

GET
H2 200 35.9da4441f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 52 KB
18 KB 52ms
49ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.9da4441f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2a0dcc78da2fbb1fcfe754652282ee9e51a1e8b8dd2f1164ccd38ba23ea7d789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 5005104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"9abfc23518ff7d358e25cade17a2d86e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _lbAnh63N8Vikh80Sq4Nw1aKPaognb75
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TJTJ_VuQSsp-ng14pHAOOEQsd3WPixNt9OWQ2jp5XxmOY-i2humaww==

GET
H2 200 33.6dcbce8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 24 KB
10 KB 52ms
50ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.6dcbce8f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1a613cec529d335c4758874a4b8249ddf6921d238969f33ac58289dddada5388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 5005104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"95f111c83ae06bebf035d1b81b96b8c8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: CIH6MZsH0cUT9Za5GWuXvAlyqbVcYkhn
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gmE1QCusN4_EY3-nZSu0-bIQdShJCv3qKDwWAgPUoSNnb277Z9fIew==

GET
H2 200 8.b94e6c9f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 60 KB
21 KB 79ms
77ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.b94e6c9f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cae6601eec3262f0496682bc1cced8b0fabc8636c4645562c4952a81d02c5283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 04:30:42 GMT
content-encoding: gzip
age: 6359223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 19:28:57 GMT
server: nginx
etag: W/"367141ca772a2b6bf33a53efb589a530"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tOaT9q.bYa0NDfeX00pCfIUE0OBq0zVu
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0QhpFore8Vt65t23dJBOzUDmFNTfCBk3UdogfCZ4jwC2qpp3d3Pxcw==

GET
H2 200 main~493df0b3.64874bae.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 20 KB
7 KB 82ms
80ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.64874bae.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

08b829e03310897f65dcb5724a54b03462eeb006afb9a9b2d8a209a614514b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:18 GMT
server: nginx
etag: W/"848aca98cd9583220bdb19265f91481f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tIy1b_9TzSE7u9p1j9TgJZOzbGX8t8S3
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wE_oISryQBhIzwFGepEXtz3iVzOMKJaLeDMMRHQp4tAl9MwvjxYvFg==

GET
H2 200 main~970f9218.0d6d4b0a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 56 KB
15 KB 82ms
80ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.0d6d4b0a.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65b1403f52d47ebea3a99cfcd45caf7b1e957fd13e88180c318f1dd20adda964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:18 GMT
server: nginx
etag: W/"a758507b94834cc157568d546ce4c67a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q4vIs2MFEtiDaqknSJO6NpGlJRCj596O
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cQuu0PWmJVn5ZjVwaZF3NOcjZTmC0jYVLb3KnTixmZjV-VMmXBwqIw==

GET
H2 200 main~89e24786.e0baa405.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 60 KB
16 KB 82ms
81ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.e0baa405.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7d86b67c655881238c309b172260e2231a7aedda67eeee3068c22857429ac243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:18 GMT
server: nginx
etag: W/"a9e00c03a001983878c8159f360eb40c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gVa4r5ta3o3yREwU.S.FPlp5gHF2hvE4
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IxuDFnQmll4GcWTWuX3JDdnpbj7ZWPb5u_SW7WPbSJQzNOsFA4h6gA==

GET
H2 200 main~53ca99a6.5a631f57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 26 KB
9 KB 82ms
81ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.5a631f57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

662e748949addbe8cfe70880ebaaed5eae7ced3e95257bc7323603febcfb063a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:18 GMT
server: nginx
etag: W/"5e3bf79bd2ca5cbf71535b4d696ddb43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ssY.QP0GZqyrPeZBJI.zpg6_AcQlQlaz
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8sTSR3v7lUP-ERF0Y3vYBfHVsiY8gs-tRb9GbsH76VEvDQX25kh5Ng==

GET
H2 200 runtime~main.97e907a9.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 5 KB
3 KB 76ms
75ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

32025fbba90f383d4280690159f1b3576ab22a85d1b47a4ce7db24181c6c0742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:18 GMT
server: nginx
etag: W/"ab15ec434d074f3ed2987d188f8547f6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jBJrVvkxlvWRep7iTqnp8hjsrEJsMCT_
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WSBbNvPLifevfSGLTN10-dGhm-O4RS89MlWpCLcNi5fLdjlKwjTphw==

GET
H2 200 38.feef3c6b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 40 KB
12 KB 76ms
75ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

af8a20e6bd6c6de708d7aeffdd3afab1a47a00f91b53618d246cdb73410f147c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 5005104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"8a244bcbbb9c80ac041e954050101a6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EAw81v5LGEPk3kMeMMkNwSH0mzXiiQxP
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: z0uWH7fGJFqZNBcrOZkcNvi7w3pwCNaKeXeFHFEShBZR_IFV_oEVWQ==

GET
H2 200 22.c3832689.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 42 KB
12 KB 77ms
76ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.c3832689.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d5dd51858c25c8f35b6d808746ec3c11750d0b6796b607cf720fa3c86d6e1bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Dec 2020 14:50:37 GMT
content-encoding: gzip
age: 7531628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 07 Dec 2020 14:45:52 GMT
server: nginx
etag: W/"2b69413df831a59bc270b140595f3bee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _ZA.44L_Diojsmnq6OMoj9BsAdNThsMs
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Bgx_xt3gKeDqEgRyUpCmpsiiy6t3KkK2LHxpTroqz3Sda-wMnB7XfA==

GET
H2 200 13.a9247e5d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 70 KB
21 KB 79ms
78ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.a9247e5d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a46a8c9098978eb78708da11a88cf5b7d8f3d691c499aa23a56938beebed5adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 01:09:19 GMT
content-encoding: gzip
age: 8704105
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 20 Nov 2020 20:50:31 GMT
server: nginx
etag: W/"905ca25975ecfcc9b76946365bc9cd59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 660LyZRt8o4SinLduDXcq9UwfKS.UKEd
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tjx5XirurrQN6feFSGsqoYYst8yLF2_PlzU_G0JLfSr6auLi2khEcw==

GET
H2 200 30.d7884983.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 48 KB
15 KB 85ms
83ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.d7884983.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

93854156369ac26c93cb9cb6d7b78cb087e4c0727c27c18086ec516212c65822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"4e1b145be04e5bc76ea6d15f491a0174"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RQGg9Lzfff.JlTlK.NLmBXc6K0oL5gia
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7AgxQ2y02hp_B4Hqapwt0tUjhjdsvCE0AM0Z2PBvmQmEoGZThUVBMw==

GET
H2 200 12.8c7dd5ee.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 29 KB
8 KB 86ms
83ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.8c7dd5ee.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7f5c6e767ba72fae587de73bc9e9ebaf14a949042332953f90662c784c007809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 02:32:54 GMT
content-encoding: gzip
age: 6452691
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 19:28:56 GMT
server: nginx
etag: W/"0c6be271de03c613b6960dfc110e6734"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fkwP.MyvV55CD0Yn65OIykQI.uiiY8AV
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kvIpO0Gvy1mOj2qZpHJsNkj2eFPx_UsnpNMkL0uce3njZYnsq-Y2pQ==

GET
H2 200 15.ba891359.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 39 KB
10 KB 88ms
86ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.ba891359.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2d3474f74f49ea05fe008ac0707fa6e2f3adba2b990b5c46d61f3a465023eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 02 Jan 2021 19:05:12 GMT
content-encoding: gzip
age: 5269953
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Dec 2020 20:31:28 GMT
server: nginx
etag: W/"c35bc9563c8d6e811ec2f39f529dc431"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ft1RZzs2RlELxQVxEKi_iVLKgdyfxiQI
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZfFo2XCkdFsaLWBWO900Gb5HKIFIGTfaITOgNdx25UJ3FWrnafMFSg==

GET
H2 200 35.9da4441f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 52 KB
18 KB 88ms
86ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.9da4441f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2a0dcc78da2fbb1fcfe754652282ee9e51a1e8b8dd2f1164ccd38ba23ea7d789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 5005104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"9abfc23518ff7d358e25cade17a2d86e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _lbAnh63N8Vikh80Sq4Nw1aKPaognb75
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iBbsDBBRdcmINTCB0zrS4cDr8VTIzoPNdlLv23st73FT32NITFHOJA==

GET
H2 200 33.6dcbce8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 24 KB
10 KB 88ms
86ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.6dcbce8f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1a613cec529d335c4758874a4b8249ddf6921d238969f33ac58289dddada5388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 5005104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"95f111c83ae06bebf035d1b81b96b8c8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: CIH6MZsH0cUT9Za5GWuXvAlyqbVcYkhn
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MmS02rGqNFTbk_0hF1Z-HcPSzIzIMP6eWfeKOEsX7LOxkd7ecKKZ5A==

GET
H2 200 8.b94e6c9f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 60 KB
21 KB 88ms
86ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.b94e6c9f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cae6601eec3262f0496682bc1cced8b0fabc8636c4645562c4952a81d02c5283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 04:30:42 GMT
content-encoding: gzip
age: 6359223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 19:28:57 GMT
server: nginx
etag: W/"367141ca772a2b6bf33a53efb589a530"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tOaT9q.bYa0NDfeX00pCfIUE0OBq0zVu
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vdEnzMaHmcDjOuNUo-oByInMnlUWPm5j0G5tpJXafJC-CgFfmke8IQ==

GET
H2 200 main~493df0b3.64874bae.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 20 KB
7 KB 88ms
86ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.64874bae.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

08b829e03310897f65dcb5724a54b03462eeb006afb9a9b2d8a209a614514b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:18 GMT
server: nginx
etag: W/"848aca98cd9583220bdb19265f91481f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tIy1b_9TzSE7u9p1j9TgJZOzbGX8t8S3
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2kih9ZkAgopTpFk2uNALBWPhLdac2tIY-Eo_NiQOly-gJEe3FR5Dog==

GET
H2 200 main~970f9218.0d6d4b0a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 56 KB
15 KB 88ms
87ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.0d6d4b0a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65b1403f52d47ebea3a99cfcd45caf7b1e957fd13e88180c318f1dd20adda964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:18 GMT
server: nginx
etag: W/"a758507b94834cc157568d546ce4c67a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q4vIs2MFEtiDaqknSJO6NpGlJRCj596O
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _D3tvLGozOuCJI3DJQ5XQOSYZHU9OrvQfqudvM5IMMmZOYHU_T798A==

GET
H2 200 main~89e24786.e0baa405.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 60 KB
16 KB 95ms
93ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.e0baa405.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7d86b67c655881238c309b172260e2231a7aedda67eeee3068c22857429ac243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:18 GMT
server: nginx
etag: W/"a9e00c03a001983878c8159f360eb40c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gVa4r5ta3o3yREwU.S.FPlp5gHF2hvE4
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l8LEfzAMxNf4TT97WBJswyKA2sRNUYsmu_S0vijHDpfpqVz-QMX5yQ==

GET
H2 200 main~53ca99a6.5a631f57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 26 KB
9 KB 95ms
94ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.5a631f57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

662e748949addbe8cfe70880ebaaed5eae7ced3e95257bc7323603febcfb063a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:18 GMT
server: nginx
etag: W/"5e3bf79bd2ca5cbf71535b4d696ddb43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ssY.QP0GZqyrPeZBJI.zpg6_AcQlQlaz
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0_5glnG65BHol7nR1GImoD_y-lH0HK-HwftvnwIjTRT_aaRc0Y0zsQ==

GET
H2 200 36.56cefaf3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 6 KB
3 KB 45ms
44ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.56cefaf3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e9f1723d153401796dcde6f2d1fbf9a6e2181ac7e94049fc88126fbff1abd38d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 5005105
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"199a90762d66f2a85b69771e3ad0d5d5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2wmc_g1sJQm0RiJ0g19HCc8BGtWoHqOS
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9Op_OUMt-5ocycDgOaLmNeaUm7IdV3nhIM-swgwiXpXoeX7WHCrhuQ==

GET
H2 200 34.fe729046.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 107 KB
34 KB 45ms
44ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.fe729046.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ff04dd81bb93731c0d1f8e7d384b370f26b93f4352980404fcdc4518e386bedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 07:29:10 GMT
content-encoding: gzip
age: 2719716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 18:47:31 GMT
server: nginx
etag: W/"b75bf38c8eee61f620998bf4e506f0a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sSsGb8qv3FA_x9pHEEYoEYgTo0k7yLWg
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0kjsUFqCWk0soFu7dBROGJ88Nn1w-GT5oNrRCDjAFv8qrjtKYdBRYQ==

GET
H2 200 27.fca79052.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 27 KB
9 KB 46ms
46ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.fca79052.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

00fd33e63ade8958eebf3cd4eabfb016a072021883eb73e15707c27c7467326e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"778effaa1518bcdcddb080ef14f98e02"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FaSQOMF905756twg_WaxPLtYkgG28uFg
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: C_MEEoLQf-olFfZ07BHQxkVl954QqJ0v-5jHa0Sn_Em6_0gUHA_05g==

GET
H2 200 32.92beb56c.chunk.css
js.driftt.com/core/assets/css/ Frame CE77 2 KB
1 KB 46ms
46ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.92beb56c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

11c0f76b0414f025f6d8790a111f70421b4b0e816a93317188736671360192ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 14:26:30 GMT
content-encoding: gzip
age: 707476
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 24 Feb 2021 14:05:51 GMT
server: nginx
etag: W/"1103e1501b63c165063174303b93cb83"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y7YyIAyIDJLJEcHCBriUBL3qXrAfEiHo
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RBvoVFmov-4x3XVZmc-_iBm3fOyoFaZ99pmu_z0btAkDordeb5mY-g==

GET
H2 200 32.3ac80f8a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 5 KB
2 KB 46ms
46ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.3ac80f8a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e20657c739771095df1130cadd9d47ba738a4758ebf33ff4ed57eebab87fc714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"3b2419f4430e43ac0db1c79bc616880c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PQaZObKEv1Ix4yR9sua9CT5bfPUhbhfv
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DQ0Ricc4d04hzS8p5eY1NGy3YHGQLIKNKkZWPrbCPC_grfDQMhN7kw==

GET
H2 200 36.56cefaf3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 6 KB
3 KB 44ms
44ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.56cefaf3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e9f1723d153401796dcde6f2d1fbf9a6e2181ac7e94049fc88126fbff1abd38d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:21 GMT
content-encoding: gzip
age: 5005105
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"199a90762d66f2a85b69771e3ad0d5d5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2wmc_g1sJQm0RiJ0g19HCc8BGtWoHqOS
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jheGybmw17l_NQXXGHuNLf03tdway6-GUlipUPqANHM4wdaF52Khjw==

GET
H2 200 34.fe729046.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 107 KB
34 KB 45ms
44ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.fe729046.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ff04dd81bb93731c0d1f8e7d384b370f26b93f4352980404fcdc4518e386bedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 07:29:10 GMT
content-encoding: gzip
age: 2719716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 18:47:31 GMT
server: nginx
etag: W/"b75bf38c8eee61f620998bf4e506f0a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sSsGb8qv3FA_x9pHEEYoEYgTo0k7yLWg
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: O7f6JBm9GjdMJ1mOcKfcQrghb5GF1WLM1lypbCok1HMHqHsC0aJrQw==

GET
H2 200 27.fca79052.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 27 KB
9 KB 48ms
48ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.fca79052.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

00fd33e63ade8958eebf3cd4eabfb016a072021883eb73e15707c27c7467326e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"778effaa1518bcdcddb080ef14f98e02"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FaSQOMF905756twg_WaxPLtYkgG28uFg
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G1XmV4Xchc1kJdyLD6aW-ZT7n5jNR7X21x-_6e51x6Xi43dCAbHJ7Q==

GET
H2 200 32.92beb56c.chunk.css
js.driftt.com/core/assets/css/ Frame 3B5E 2 KB
1 KB 48ms
48ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.92beb56c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

11c0f76b0414f025f6d8790a111f70421b4b0e816a93317188736671360192ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 14:26:30 GMT
content-encoding: gzip
age: 707476
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 24 Feb 2021 14:05:51 GMT
server: nginx
etag: W/"1103e1501b63c165063174303b93cb83"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y7YyIAyIDJLJEcHCBriUBL3qXrAfEiHo
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yknHWEiF-e4HoXu5HWsrGUtxcNrgbT4gpGEHv3Av4-PlG80TT7nGLw==

GET
H2 200 32.3ac80f8a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 5 KB
2 KB 48ms
48ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.3ac80f8a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e20657c739771095df1130cadd9d47ba738a4758ebf33ff4ed57eebab87fc714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"3b2419f4430e43ac0db1c79bc616880c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PQaZObKEv1Ix4yR9sua9CT5bfPUhbhfv
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EqDX8t9uAkna6SkI7DQioqwuQCOt6MSubO57C0TAzh7WkhZjiTjf7A==

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 17 KB
6 KB 43ms
43ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 02:34:41 GMT
content-encoding: gzip
age: 1786985
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 11 Feb 2021 15:02:23 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: meASu2JEFoyVpwOxkLJiMpQwEpCiiXJl
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l1yW1HKMis6OLEBvp03u1GyPccT1WUEYXddyq9LwjWwXvYls4zhcNg==

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 68 KB
20 KB 44ms
43ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 22:24:11 GMT
content-encoding: gzip
age: 9232415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 17 Nov 2020 22:07:19 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OxY7AH2xDXt3UJy-ySomAGSBokwUyrDM4fyvXSluAHDlkPXXre8ZoQ==

GET
H2 200 28.f9670e37.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 42 KB
12 KB 44ms
44ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.f9670e37.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

45fe1a3f8f9f78ac64a025b533edd3296325b88ac638c78e23836e85414cb66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 21:16:40 GMT
content-encoding: gzip
age: 1287666
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Feb 2021 21:05:34 GMT
server: nginx
etag: W/"f180a9c22af2d95df2ffc6944369b038"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IA1L1yp0sXLW7dRNSZ.4dN8OwTXpaNlP
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l7OU6Sb4F119FcTkVv6PdL7-ai0Y5s01koElvjqi6xR2OVCSdgIYmg==

GET
H2 200 2.497d9c43.chunk.css
js.driftt.com/core/assets/css/ Frame CE77 1 KB
1 KB 45ms
44ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.497d9c43.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9066c399df39fc448ea3597ef0b67e9f987a58d466b3dd3a61b1d505e18516eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 20:43:55 GMT
content-encoding: gzip
age: 7164831
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 11 Dec 2020 20:38:09 GMT
server: nginx
etag: W/"53a4a9c8842e24b41fd0229969b6d146"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ci7FvwCbkXnjWoCgl2UCI.a_wtnefPsY
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zEX-PNo_A0JiJYJrC8vnuHxEnF330cXfhix7rnDV9q4_qzN417CXlA==

GET
H2 200 2.71f04a13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 27 KB
10 KB 45ms
45ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.71f04a13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

df0e1ab988d451dcf5eaca26de327dc716a2cbc85bd348aa33d4a42a5f996d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 14:26:30 GMT
content-encoding: gzip
age: 707476
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 24 Feb 2021 14:05:53 GMT
server: nginx
etag: W/"983fafe09a6e34607464014289317ed0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bEv6ky4XS_332Gx9TlBW98BcAv.fQ1PB
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hPz2f8kXB5MkRVZMhZTUTLnHnoyXC3EyQV0ig9DzCZY9bBDGTAuReA==

GET
H2 200 25.02e62d23.chunk.css
js.driftt.com/core/assets/css/ Frame CE77 8 KB
2 KB 45ms
44ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.02e62d23.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

475dbccf84ca50f8d13df95ef5a85c58198fd65fefa481850453de7feb2d4bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 14:58:50 GMT
content-encoding: gzip
age: 1223936
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 18 Feb 2021 14:27:58 GMT
server: nginx
etag: W/"4a7ea3158114815c3ce4a439e64bb20f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KU6XFS_YxAtnBlsAldU1clPlI0WqvkeV
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E0kT8MzV2gvDk-b4_pnLerbs7m-z40EjRgjacn8UVQme85_pKnHBOA==

GET
H2 200 25.3b6fc7f7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 65 KB
19 KB 46ms
46ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.3b6fc7f7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a67f9fea0fa91f3bf3925c7ec11f91391b044f01b9f7e30f2c6ba54abb0f75aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"11b7a7a4c7097d2c64b9020776064189"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XxqkjkLJ9cO40eX1XYCsMcjEFIhHqyYH
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1-Q-UnVi16Ris9tKkzVUIcEW5JvCLz3UiinFDYo76DWLDgbiru8gSg==

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 17 KB
6 KB 44ms
43ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 02:34:41 GMT
content-encoding: gzip
age: 1786985
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 11 Feb 2021 15:02:23 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: meASu2JEFoyVpwOxkLJiMpQwEpCiiXJl
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XHE01nRfHlOS6ZjoDJoHdbdkW3TVrR17Ynt_8UX79chDqSeL1-Fx1g==

GET
H2 200 31.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame 3B5E 6 KB
1 KB 44ms
43ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/31.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 00:52:24 GMT
content-encoding: gzip
age: 2225122
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:43 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: E0JJ7iOWJmWtm1hXpwMRK75TEoLvG7xD
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u-3QZ4y-ja-Kog_j24zlhKFPR9QbIs30-qIbGk3P4_lTx-iTqQjHmA==

GET
H2 200 31.7492f197.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 2 KB
2 KB 44ms
43ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/31.7492f197.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

081f0d982be6e97455909461504555fa78346a01b149e1c88a1e6a4bb4aee9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"d41e0d61b78995b522b05f1e01dc8e77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Wy7tpreLsqh_1FRYSjiTJWjKgHrz4yE0
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BMjBzRtZS58Pjfq_71089fMWq_4uj3f8IejJ2oUWPloHQLc0tDGLwA==

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 68 KB
20 KB 44ms
44ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 22:24:11 GMT
content-encoding: gzip
age: 9232415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 17 Nov 2020 22:07:19 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _LUedJfSDVZ1WGb7ijGal_fGCM1n3MtBLQVSc_p8my_McFFApBpVTg==

GET
H2 200 24.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 3B5E 7 KB
2 KB 44ms
44ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/24.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 00:46:24 GMT
content-encoding: gzip
age: 2139082
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:43 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1aSTl_6gyhge2weRQRNW6xkjw517PNux
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bvHs-eQTjJ5SCyrLTwoNxQhlCGjOWKEGzGdx232fefBuIFsYNsb8kg==

GET
H2 200 24.d1e2ba0d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 38 KB
13 KB 44ms
44ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.d1e2ba0d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8509f8b66ce83784c82b29f557979cee1cdeafcfa4ea5b43e6301700ac1d6332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 07:52:15 GMT
content-encoding: gzip
age: 2977531
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 21 Jan 2021 17:01:10 GMT
server: nginx
etag: W/"f2a5c91c1591ed94eeaed7fae317b092"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2AQjxf3nt1nSuxCXbjxVOHBQYs0oqO4g
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zhklr7dz7JwWdP8rs9ODxG6DMfyvS317BkVcV4p_Ha4mHNOEaelR7w==

GET
H2 200 20.ec5afb3b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 50 KB
14 KB 45ms
45ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.ec5afb3b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

16bab25394f47e60db69b3a75ace1574b150a268353e17096619ba5ba96e208d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 20:00:58 GMT
content-encoding: gzip
age: 4316208
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 13 Jan 2021 19:29:18 GMT
server: nginx
etag: W/"3cd2b5a6bcf9f406aacdee5be662461f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5Cxdr4cExuwQig2nmOEPkyzUenAOM_vh
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 96mtTbYjc5GkpxNpovJ66po7Ux3NvVK5ys6GzMEBYPpw2MfuVzCbBw==

GET
H2 200 2.497d9c43.chunk.css
js.driftt.com/core/assets/css/ Frame 3B5E 1 KB
1 KB 45ms
45ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.497d9c43.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9066c399df39fc448ea3597ef0b67e9f987a58d466b3dd3a61b1d505e18516eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 20:43:55 GMT
content-encoding: gzip
age: 7164831
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 11 Dec 2020 20:38:09 GMT
server: nginx
etag: W/"53a4a9c8842e24b41fd0229969b6d146"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ci7FvwCbkXnjWoCgl2UCI.a_wtnefPsY
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cSQtM6gEVw0hZQuhCJhWpmcPb_96Rzxrko1mPHPO9tNSQ50HDjt3qg==

GET
H2 200 2.71f04a13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 27 KB
10 KB 47ms
46ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.71f04a13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

df0e1ab988d451dcf5eaca26de327dc716a2cbc85bd348aa33d4a42a5f996d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 14:26:30 GMT
content-encoding: gzip
age: 707476
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 24 Feb 2021 14:05:53 GMT
server: nginx
etag: W/"983fafe09a6e34607464014289317ed0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bEv6ky4XS_332Gx9TlBW98BcAv.fQ1PB
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YZS7W8qN-8RXQI5A2j9CGzfGfUK5x4PzdNYtrhl6Wk99own3N4AFEA==

GET
H2 200 23.401111da.chunk.css
js.driftt.com/core/assets/css/ Frame 3B5E 11 KB
3 KB 47ms
46ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/23.401111da.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

21a7fd6ffd2b55bfa0ccf4acfd4d9cc37e78151ce5cb9e65b2d665baafab02af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 21:31:49 GMT
content-encoding: gzip
age: 1718757
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 12 Feb 2021 20:45:19 GMT
server: nginx
etag: W/"fd9003fd2c8558fd680914f594d24a3c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iZ_edPNL4zjllLQDBErmUJN6_5HVa15E
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IEehqbRhR7Ke-a5Z_bz3-Sels-ueBRe5B4Zw9G3m3oheMXU7uG7wfQ==

GET
H2 200 23.d97926a4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 17 KB
7 KB 47ms
46ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.d97926a4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

01ce75526fbe1b6dce324233fc46e7f15e7ae9efe2fbcfd6f8233384ead5277b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 15:17:04 GMT
content-encoding: gzip
age: 272442
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Mar 2021 14:50:14 GMT
server: nginx
etag: W/"7fd6360c24f8735134dbc8681845283d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PBb3SQCeUzROF0f1FRLjH4ZE7jmmm4Lz
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xKxsVLlvFNMEu1WhyvA-cyjNE51vTOKvtKzaJpnC_i1kZq3kEioYBg==

GET
H2 200 17.32f9cabf.chunk.css
js.driftt.com/core/assets/css/ Frame 3B5E 10 KB
3 KB 47ms
47ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.32f9cabf.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6089b789ee60ea0cc2d4516759ff40956d494f13ad6d4bc4d2ed1367e954dbc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 20:07:41 GMT
content-encoding: gzip
age: 7426205
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 08 Dec 2020 19:33:20 GMT
server: nginx
etag: W/"abfbfd1c01b16d22d1a4bd5284d3669e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FEmLNX1XcpAAyWGY66WN3TtXUuqR6rvm
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _oUo_-5ot6D2x3w-ecZ3l14QKSV99H-Hda7zpXyv2ebC0ET1nGbcdw==

GET
H2 200 17.ff4f47f9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 16 KB
6 KB 47ms
46ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.ff4f47f9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

408db0a5f2486a34b22314aab3f594005b426cf30248402ae2fe815a415b686d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"bbd21d62bc716704df38de5193d12709"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: feAvh11zosmkhyCywkebbkigbjOB_Sas
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UUwhXGkJp0Ra3c7q4uwdv22SeeZtvuqTN4j4iiQBfS4g1lOtRYQvyQ==

GET
H2 200 14.030b3a74.chunk.css
js.driftt.com/core/assets/css/ Frame 3B5E 32 KB
6 KB 47ms
46ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.030b3a74.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8000784b8ad16be2521f60ca8b5b9075e1f5a439e5c5f1439e29ecf7fa2ea10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 14:26:30 GMT
content-encoding: gzip
age: 707476
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 24 Feb 2021 14:05:51 GMT
server: nginx
etag: W/"6e2fda6ebf9f63306518fdca9fbb153a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2wgMARUzL9B9TR3zBEepJYFzTbZ7ftXC
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Xq_LOZplk5xY_1Tq8-5Tt5JOkfCtjt-uXgT3uZ5kSzq2czaTRiLvrw==

GET
H2 200 14.40f086b8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 62 KB
19 KB 48ms
47ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.40f086b8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f10a5f2e583612abe57fc0f13507a5a47ba595bb5296cd614befde960745fff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:16 GMT
server: nginx
etag: W/"215642b61d62b487e66a851442aff06f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: khP_osgaYzVdAFsoQRvw1XCBBlVecSW9
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PbZxj8_Hj1piaAy996fwLdVACoiE5OM5ILe0rzjc_CijCGrb42XamQ==

GET
H2 200 19.773f6c88.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 18 KB
6 KB 48ms
48ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.773f6c88.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

839ab58d9ffbaa4056a77f2b274f7324736311bccc69c2e232350ca53d935b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"78d64018e0e5cfe03ea9047641eb0bf5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: o_58wY9vY.e.E70L4kUBjK62Q_YdjXfm
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PbGOZyowJPcmYHBHgTSvje3JvC7yQ8PFs7TKFcClt01FYfDFIXqqXA==

GET
H2 200 26.51e30a41.chunk.css
js.driftt.com/core/assets/css/ Frame 3B5E 10 KB
2 KB 48ms
47ms Stylesheet
text/css 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/26.51e30a41.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f8981397ca0b967449e9e9208109a2762f25d0edf7d7e458788592b6438e5fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:06:03 GMT
content-encoding: gzip
age: 345103
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Jan 2021 13:54:00 GMT
server: nginx
etag: W/"d70456ae6ec3d990da312845907053b4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QLBZdVf7.w01JHu4HIak42BHpb9Ll6Pr
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Edez_lDo84J1XbGSWQXqVjjV2K_NwlNSz4mr8Yc9dmEWWInwDKQwJQ==

GET
H2 200 26.747dab3d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 17 KB
8 KB 48ms
47ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.747dab3d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0dce3962f9bd288ee67e54db3208c7b7cf60dc9c970a90725346b03fe5453aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 16:24:01 GMT
content-encoding: gzip
age: 9225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 04 Mar 2021 14:52:17 GMT
server: nginx
etag: W/"01b6af511b7a2c3147f4028fffa60f70"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JuwmKMBfPInnOJZFRGLxm1VtDforaUSo
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: orW4kL8q7zazEechK0bnBSMKbfSZUubVH0tq4eJZZuOVD_O6tUzlhQ==

GET
H2 200 65zait4t5ws7.json Show response
embeds.driftcdn.com/embeds/ Frame CE77 17 KB
6 KB 496ms
423ms XHR
application/json 99.84.158.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/65zait4t5ws7.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.158.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-158-21.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 558eb10d76002a7ace8d010a2296fd59301b556b09feb2f032b7e15ab56b6f5c

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 18:57:47 GMT
content-encoding: gzip
x-amz-cf-pop: TXL52-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 12 Feb 2021 16:38:02 GMT
server: AmazonS3
etag: W/"9fde640fe57fdb7aca6e7ed483d23afd"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 2d69f677a4a0e3e7eefdf9d24bd43661.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: 2U8dQ5veZF4rmp4SsWvZdiQlcD1hZbA6fTqfWUuhXhWM3LXMZ3yX9w==

POST
H/1.1 200
OK v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame CE77 25 B
697 B 115ms
113ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Mar 2021 18:57:46 GMT
server: istio-envoy
requestid: 1cb75259a9b301e2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H/1.1 200
OK v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 412ms
101ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

HTTP/1.1

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 04 Mar 2021 18:57:46 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftf23d2444139839faf46f7da0515
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 43.0bd3f7fc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CE77 17 KB
6 KB 43ms
42ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.0bd3f7fc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f79a8aa00d3bd94f428463ac9c44896172d23e0f0f6d6fe4f05f1c9b593e702c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:22 GMT
content-encoding: gzip
age: 5005104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"533cfc95735c653dd37e8e6b8d17383d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JX5GGfxDlAIFFwI.09gLd6L1Tu2Y1bUr
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _W5RqjVyYcej3nfizBU78J4qllS4UTY9fKQjLjACCK1BGwBPU_BvgQ==

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame CE77 4 KB
2 KB 500ms
295ms XHR
application/json 18.215.11.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.215.11.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-11-20.compute-1.amazonaws.com

Software

Resource Hash

70fde2d10ac746e91b690c84c58084a1980f6eebdce1191ddacd5b7149e8f74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 Mar 2021 18:57:47 GMT
content-encoding: gzip
requestid: e7e9a7b222b6c70d
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1880
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 65zait4t5ws7
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 309ms
101ms Preflight
text/plain 34.204.215.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/65zait4t5ws7

Protocol

Server

34.204.215.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-215-213.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 04 Mar 2021 18:57:47 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: HEAD,GET,OPTIONS
requestid: drift72bdfbb4d7aa6e681c6e7a41c42

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 307ms
99ms Preflight
text/plain 18.204.181.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

18.204.181.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-181-250.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 04 Mar 2021 18:57:47 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drift38168314e0d9cf5f2049972f5cb

GET
H2 200 65zait4t5ws7 Show response
targeting.api.drift.com/hours/availability/combined/ Frame CE77 40 B
484 B 115ms
115ms XHR
application/json 34.204.215.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/65zait4t5ws7

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.215.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-215-213.compute-1.amazonaws.com

Software

Resource Hash

dd4115970a44fd799fd72e5caabc9e78cf1662f83d73ae82aeaeddb53c696cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4ODM2OTcwNTM2IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTMzNDU2MSIsImV4cCI6MTY0NjQyMDI2NywiaWF0IjoxNjE0ODg0MjY3fQ.3D4nDBMQxKhy9xUqRu4ca-F-tluMErcxqzGq0ku8JDtfyL0YmFHG20w3BfN9ACMrk7etch1jfVhVeR5iUUJ2QQ

Response headers

date: Thu, 04 Mar 2021 18:57:47 GMT
requestid: 753b0a76992f6445
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 40
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame CE77 4 KB
1 KB 44ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/2.71f04a13.chunk.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

754fac4810074e8a762844e6929031a73054640d0a51e8428653762553e0a3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 18:16:13 GMT
server: ESF
date: Thu, 04 Mar 2021 18:57:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Mar 2021 18:57:47 GMT

POST
H2 200 track Show response
event.api.drift.com/ Frame CE77 877 B
1 KB 102ms
101ms XHR
application/json 18.204.181.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.204.181.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-181-250.compute-1.amazonaws.com

Software

Resource Hash

e9887d09084e9cdd73f91a8c71bcf64a2bad525c6b987093677eab23e7b1eefc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4ODM2OTcwNTM2IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTMzNDU2MSIsImV4cCI6MTY0NjQyMDI2NywiaWF0IjoxNjE0ODg0MjY3fQ.3D4nDBMQxKhy9xUqRu4ca-F-tluMErcxqzGq0ku8JDtfyL0YmFHG20w3BfN9ACMrk7etch1jfVhVeR5iUUJ2QQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Mar 2021 18:57:47 GMT
requestid: 2242571eb8760bd6
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 877

GET
H/1.1 200
OK ce1e9f2553e6a0dea24a3baf5ecda4887dtius5hb5dw
s3.amazonaws.com/drift-public-prod/1334561/ Frame CE77 10 KB
10 KB 417ms
114ms Image
image/png 52.216.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/drift-public-prod/1334561/ce1e9f2553e6a0dea24a3baf5ecda4887dtius5hb5dw
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=65zait4t5ws7&forceShow=false&skipCampaigns=false&sessionId=34ba0cb9-5680-4659-83d8-e6f24fae77fa&sessionStarted=1614884265&campaignRefreshToken=d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a&pageLoadStartTime=1614884264756
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.153.62 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ec66bbcfb1913d17b8d7b8cf60a9d0d71d3f2bf1ba867a7b7c3503c7951a9b01

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Thu, 04 Mar 2021 18:57:48 GMT
Last-Modified: Wed, 11 Mar 2020 15:42:33 GMT
Server: AmazonS3
x-amz-request-id: V7SVMMG8EBQXM5FE
ETag: "ce1e9f2553e6a0dea24a3baf5ecda488"
Content-Type: image/png
Content-Disposition: attachment;filename=ChatBot_RC-02.png
Accept-Ranges: bytes
Content-Length: 10023
x-amz-id-2: 97vHOd7M5Trv7FxSXUso4GIDUvGsIWY0XzR874aOuBZxi9HcT7kt/g6t0sX7UTlUEtPaihwqb1A=

GET
H2 200 43.0bd3f7fc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3B5E 17 KB
6 KB 43ms
43ms Script
application/javascript 65.9.96.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.0bd3f7fc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97e907a9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f79a8aa00d3bd94f428463ac9c44896172d23e0f0f6d6fe4f05f1c9b593e702c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:39:22 GMT
content-encoding: gzip
age: 5005105
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 05 Jan 2021 20:11:39 GMT
server: nginx
etag: W/"533cfc95735c653dd37e8e6b8d17383d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JX5GGfxDlAIFFwI.09gLd6L1Tu2Y1bUr
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Xkmdg4JWGUDXwmdH8YD5CC8Ot6OAcksiWjykPILGYKZhPSdH5tygkg==

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 3B5E 4 KB
675 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/2.71f04a13.chunk.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

754fac4810074e8a762844e6929031a73054640d0a51e8428653762553e0a3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 18:22:53 GMT
server: ESF
date: Thu, 04 Mar 2021 18:57:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Mar 2021 18:57:47 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 3B5E 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 261735
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:15:32 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 3B5E 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 602181
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Fri, 25 Feb 2022 19:41:26 GMT

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame CE77 573 B
745 B 102ms
102ms XHR
application/json 34.204.215.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.215.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-215-213.compute-1.amazonaws.com

Software

Resource Hash

afac32344f16934648318cf384bd2232fc2d548f71b208bf41b5fe611a694cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4ODM2OTcwNTM2IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTMzNDU2MSIsImV4cCI6MTY0NjQyMDI2NywiaWF0IjoxNjE0ODg0MjY3fQ.3D4nDBMQxKhy9xUqRu4ca-F-tluMErcxqzGq0ku8JDtfyL0YmFHG20w3BfN9ACMrk7etch1jfVhVeR5iUUJ2QQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Mar 2021 18:57:47 GMT
content-encoding: gzip
requestid: e85eb8ac99ac9263
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 283
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 103ms
103ms Preflight
text/plain 34.204.215.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Server

34.204.215.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-215-213.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 04 Mar 2021 18:57:47 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drift24fef014599830ce749f5bdb27d

POST
H/1.1 200
OK bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame CE77 25 B
697 B 114ms
114ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4ODM2OTcwNTM2IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTMzNDU2MSIsImV4cCI6MTY0NjQyMDI2NywiaWF0IjoxNjE0ODg0MjY3fQ.3D4nDBMQxKhy9xUqRu4ca-F-tluMErcxqzGq0ku8JDtfyL0YmFHG20w3BfN9ACMrk7etch1jfVhVeR5iUUJ2QQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Mar 2021 18:57:48 GMT
server: istio-envoy
requestid: 9804d00c6f614662
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H/1.1 200
OK bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 101ms
101ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

HTTP/1.1

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 04 Mar 2021 18:57:48 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftace6f884b4a92303239a31077d8
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H/1.1 200
OK bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame CE77 25 B
696 B 103ms
102ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/38.feef3c6b.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI4ODM2OTcwNTM2IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTMzNDU2MSIsImV4cCI6MTY0NjQyMDI2NywiaWF0IjoxNjE0ODg0MjY3fQ.3D4nDBMQxKhy9xUqRu4ca-F-tluMErcxqzGq0ku8JDtfyL0YmFHG20w3BfN9ACMrk7etch1jfVhVeR5iUUJ2QQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Mar 2021 18:57:51 GMT
server: istio-envoy
requestid: ede9914042dd7195
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H/1.1 200
OK bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 103ms
102ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

HTTP/1.1

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 04 Mar 2021 18:57:51 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift31ba2a84bd19cba387e33d26b5c
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
redcanary.com/	1970-01-19 16:34:46	Name: drift_campaign_refresh Value: d3ec0b5e-f22d-4d0c-ac5a-d1ebac0c985a
.app-sj28.marketo.com/	1970-01-19 16:34:46	Name: __cf_bm Value: 19f6cd20ee2cfa5b82ef7c05b5b504a560e232cb-1614884264-1800-AUFjqLljDJRLZxSRHp8ymdTW58REZH3nHDU/8snlhdi2r2yqN/pi0pJ12K9FPBVGS3xANHvk8mn3mIG2oV4DYIU=
.redcanary.com/	1970-01-20 01:20:20	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.redcanary.com/	1970-01-20 01:20:20	Name: _biz_pendingA Value: %5B%5D
redcanary.com/	1970-01-20 01:20:20	Name: cookielawinfo-checkbox-non-necessary Value: yes
.redcanary.com/	1970-01-19 18:44:20	Name: _fbp Value: fb.1.1614884265185.965844644
redcanary.com/	1970-01-20 01:20:20	Name: cookielawinfo-checkbox-necessary Value: yes
redcanary.com/	1970-01-20 10:05:56	Name: _gd_svisitor Value: 0ebb1002ba2d0000a82d41603f030000bccf0100
.redcanary.com/	1970-01-19 18:44:20	Name: _rdt_uuid Value: 1614884265071.da7b47b8-0b31-4e5e-a96c-24a786bcdc41
redcanary.com/	1970-01-19 16:34:58	Name: _gd_session Value: 8fc20e00-d469-4036-8871-1d4f920070e8
.redcanary.com/	1970-01-20 01:20:20	Name: _biz_uid Value: aca533f710fe409c954ce8b59621ae77
redcanary.com/	1970-01-20 10:05:56	Name: _gd_visitor Value: e27f7614-a311-4543-882e-9790195d1bec
.redcanary.com/	1970-01-20 10:05:56	Name: _ga_T3K4MTNQJN Value: GS1.1.1614884264.1.0.1614884264.0
.redcanary.com/	1970-01-19 18:44:20	Name: _gcl_au Value: 1.1.2041363388.1614884265
.redcanary.com/	1970-01-20 10:05:56	Name: _ga Value: GA1.1.1670393001.1614884265
.redcanary.com/	1970-01-20 01:20:20	Name: _biz_nA Value: 1
redcanary.com/	1970-01-19 16:44:49	Name: _an_uid Value: 0
.redcanary.com/	1970-01-19 16:34:46	Name: _biz_sid Value: 34b954

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://redcanary.com/wp-content/cache/autoptimize/js/autoptimize_47a5cb5e4c07162fd03a9cbd76104c25.js(Line 266) Message: 0
console-api	log	URL: https://redcanary.com/wp-content/cache/autoptimize/js/autoptimize_47a5cb5e4c07162fd03a9cbd76104c25.js(Line 266) Message: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
alb.reddit.com
analytics.twitter.com
app-sj28.marketo.com
b.6sc.co
bootstrap.api.drift.com
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
connect.facebook.net
embeds.driftcdn.com
epsilon.6sense.com
event.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.redcanary.com
j.6sc.co
js.driftt.com
metrics.api.drift.com
munchkin.marketo.net
px.ads.linkedin.com
redcanary.com
s3.amazonaws.com
script.crazyegg.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
targeting.api.drift.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
104.109.95.62
104.111.233.140
104.16.93.80
104.17.74.206
104.198.136.223
104.244.42.131
104.244.42.5
142.250.186.162
151.101.113.140
18.158.85.13
18.204.181.250
18.215.11.20
185.33.221.91
199.232.136.157
2606:4700::6813:9408
2620:119:50e1:101::6cae:b25
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:400c:c1b::9c
2a02:26f0:6c00:296::25ea
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
3.94.218.138
34.204.215.213
52.216.153.62
65.9.96.127
68.232.35.12
99.84.158.21
00fd33e63ade8958eebf3cd4eabfb016a072021883eb73e15707c27c7467326e
014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55
01ce75526fbe1b6dce324233fc46e7f15e7ae9efe2fbcfd6f8233384ead5277b
081f0d982be6e97455909461504555fa78346a01b149e1c88a1e6a4bb4aee9e5
08b829e03310897f65dcb5724a54b03462eeb006afb9a9b2d8a209a614514b28
08dd243c7bd90cf131044c7517bdeb27121760ef86d394c13aeaedc7380c7878
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0dce3962f9bd288ee67e54db3208c7b7cf60dc9c970a90725346b03fe5453aa0
0e84fad76793a9c5b683df29a5826fef118cb8eb76d89509ac8acc96f48db8e3
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0fadbe1e06ca947cfe99260be96d47e427e047adb36abc1569b6650969de845c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11c0f76b0414f025f6d8790a111f70421b4b0e816a93317188736671360192ba
16bab25394f47e60db69b3a75ace1574b150a268353e17096619ba5ba96e208d
17e8f321c55e7ffaace052b6dba9a6331ab672f4a991a3ecc46104f2c7af9f6d
1a613cec529d335c4758874a4b8249ddf6921d238969f33ac58289dddada5388
20d66ce421482be8d45bfff82b593bbcd30345b442750f1c91c3682613408dc6
21a7fd6ffd2b55bfa0ccf4acfd4d9cc37e78151ce5cb9e65b2d665baafab02af
234243aa3a492254b3d0d3ce2f2cbc3c61e2ad91cbf241174a398e4cbc717b77
23964dce64442ebe766c90bd39b56dc7fe2780603e112615e33097de4465856f
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2a0dcc78da2fbb1fcfe754652282ee9e51a1e8b8dd2f1164ccd38ba23ea7d789
2d3474f74f49ea05fe008ac0707fa6e2f3adba2b990b5c46d61f3a465023eae2
2e9eae55602d25a7699516eaffc8d71b399c9ff1fc32840e41ec08ccd051a762
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32025fbba90f383d4280690159f1b3576ab22a85d1b47a4ce7db24181c6c0742
380c062f3ba5d03e580c4ff4a1e2c5bd4fc9df4bd11df67d33e7806a089c7081
408db0a5f2486a34b22314aab3f594005b426cf30248402ae2fe815a415b686d
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
45fe1a3f8f9f78ac64a025b533edd3296325b88ac638c78e23836e85414cb66d
475dbccf84ca50f8d13df95ef5a85c58198fd65fefa481850453de7feb2d4bb2
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4fd45dcf0d28a53efe728bdc946e9fc3e36beb744be98ca5175fbb1d0edb4b9e
4fe00ebc1aa4fc9a058b88c1b226a3feb16e330fab8af40f4c18de31f26837b5
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
558eb10d76002a7ace8d010a2296fd59301b556b09feb2f032b7e15ab56b6f5c
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5e9ceb248e77f6d82c9350cf9641f83de83a996ae73e71c53f7f3dacd00135f0
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6089b789ee60ea0cc2d4516759ff40956d494f13ad6d4bc4d2ed1367e954dbc5
65b1403f52d47ebea3a99cfcd45caf7b1e957fd13e88180c318f1dd20adda964
65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276
662e748949addbe8cfe70880ebaaed5eae7ced3e95257bc7323603febcfb063a
6ee6500e4cc86d73d0463644087f9e5d33efd792628069a59e9cde92d18d064a
70fde2d10ac746e91b690c84c58084a1980f6eebdce1191ddacd5b7149e8f74c
754fac4810074e8a762844e6929031a73054640d0a51e8428653762553e0a3a4
792049b34f71eb1f59cecc90beff91d411ea7a9757d8cd55cfbfea1fee1b7a9a
7d86b67c655881238c309b172260e2231a7aedda67eeee3068c22857429ac243
7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568
7f072dbb779b20cea6866f3f8d398af9cafe418e7e038aa0702feddf741f040c
7f5c6e767ba72fae587de73bc9e9ebaf14a949042332953f90662c784c007809
8000784b8ad16be2521f60ca8b5b9075e1f5a439e5c5f1439e29ecf7fa2ea10f
817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485
839ab58d9ffbaa4056a77f2b274f7324736311bccc69c2e232350ca53d935b61
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8509f8b66ce83784c82b29f557979cee1cdeafcfa4ea5b43e6301700ac1d6332
8c85027ce7d8fd04735f1d1c6cde17124379cb10e5b849359310f6696cf09578
8eb36493c205dad29a2aa3dec05829192cc7232f7e138ea1ddbf2ef7bfca2601
8edbf02936f4bbda931a228bd84f7b668522af07f3dfc33b5caee429e7febb85
9066c399df39fc448ea3597ef0b67e9f987a58d466b3dd3a61b1d505e18516eb
907ed86d3e6ff080a5b8c1e92371686db54eb7d94edd377cd8aafcb59b0b0b75
9234e5448ddb14925c7c9de5a264ec89a5b85023d786aad8a9f3305ffa0f373b
929169823afc0c1b96ebabd781fe0211e432d8eb455ab15c8f661c3f6322d597
93854156369ac26c93cb9cb6d7b78cb087e4c0727c27c18086ec516212c65822
983b740f301c9013623152fa4c12c6772f4e1eec28a3442a2895deff12e1da5d
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a46a8c9098978eb78708da11a88cf5b7d8f3d691c499aa23a56938beebed5adb
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a67f9fea0fa91f3bf3925c7ec11f91391b044f01b9f7e30f2c6ba54abb0f75aa
aa6fca54a3315fadb68f1fb8bff0663ae54e058173d868c16476f418b339393e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af8a20e6bd6c6de708d7aeffdd3afab1a47a00f91b53618d246cdb73410f147c
afac32344f16934648318cf384bd2232fc2d548f71b208bf41b5fe611a694cfc
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b6da02a82c93eb167a5c2ea0182fe210fe729a6549c7c6ed15ddf97cbf6c921d
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
c3137bd10d40a7ce2eeaf817144a88f7ec0086608fece9e7c2b58dc7e8ef871f
c81cf6e43aba68af5932066a320b13eab407621a4b66cdf37c51b3921c10cbca
c9b6ca2b06e64af35e9b40c7c2c73b9833be919d0a5afa5703ec91b81f8948d9
cae6601eec3262f0496682bc1cced8b0fabc8636c4645562c4952a81d02c5283
cdee0bdf158608e38d3bcd6b366e550c9177c6961037c4d4226d3734121639dc
d3d589e680bc49f54cb5721723fc2ec1a68d5e8ce3946db7192fb0d207e9b6cf
d5dd51858c25c8f35b6d808746ec3c11750d0b6796b607cf720fa3c86d6e1bb0
d815f0f2d87f5c500f9411128fe90456908487dfa901b729816ef974df083eb8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd4115970a44fd799fd72e5caabc9e78cf1662f83d73ae82aeaeddb53c696cb3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df0e1ab988d451dcf5eaca26de327dc716a2cbc85bd348aa33d4a42a5f996d66
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e20657c739771095df1130cadd9d47ba738a4758ebf33ff4ed57eebab87fc714
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51fa52e21335b987bd49009447c0f0c64ae8bbbbed67d985304454b0d586fb8
e80ddf3eef44b5e1eb4decb66700685245e47896a94e971bd8ea906c35d61d00
e9887d09084e9cdd73f91a8c71bcf64a2bad525c6b987093677eab23e7b1eefc
e9f1723d153401796dcde6f2d1fbf9a6e2181ac7e94049fc88126fbff1abd38d
ec66bbcfb1913d17b8d7b8cf60a9d0d71d3f2bf1ba867a7b7c3503c7951a9b01
ecf6782eee74878f85da64d073a0707c4965f712d7eec6926ea4c9151228e100
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10a5f2e583612abe57fc0f13507a5a47ba595bb5296cd614befde960745fff4
f286fd232bf2d964f389717ea22eb30e8396a11c1fbedd495f2e570563a04a6f
f6266a888d4fa5012bf6eb30ba780b62b5699c5b9e5479912247541405e3f818
f79a8aa00d3bd94f428463ac9c44896172d23e0f0f6d6fe4f05f1c9b593e702c
f8981397ca0b967449e9e9208109a2762f25d0edf7d7e458788592b6438e5fcc
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
ff04dd81bb93731c0d1f8e7d384b370f26b93f4352980404fcdc4518e386bedd

redcanary.com Open in urlscan Pro 104.198.136.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

100 %HTTPS

44 %IPv6

30 Domains

38 Subdomains

37 IPs

4 Countries

2791 kBTransfer

6455 kBSize

18 Cookies

11 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

redcanary.com Open in urlscan Pro
104.198.136.223 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

100 %
HTTPS

44 %
IPv6

30
Domains

38
Subdomains

37
IPs

4
Countries

2791 kB
Transfer

6455 kB
Size

18
Cookies

153 HTTP transactions
4 data transactions