capitolcanary.com Open in urlscan Pro
104.199.120.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGEuln0NRQAPfojk06lFlbo9EayKo4KY6d300tFW4AwXWEPhnYXIAPFO1I0v55-AgErhe1146I=
Effective URL:
https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBV...
Submission: On May 31 via manual (May 31st 2022, 7:33:29 pm UTC) from PH — Scanned from DE

Summary HTTP 213 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 40 IPs in 8 countries across 29 domains to perform 213 HTTP transactions. The main IP is 104.199.120.76, located in The Dalles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is capitolcanary.com.
TLS certificate: Issued by R3 on April 6th 2022. Valid for: 3 months.

This is the only time capitolcanary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	199.15.215.8 199.15.215.8	15224 (OMNITURE) (OMNITURE)
52	104.199.120.76 104.199.120.76	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	51.11.20.152 51.11.20.152	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	104.16.94.80 104.16.94.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
64	18.66.112.118 18.66.112.118	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
2	23.205.237.4 23.205.237.4	16625 (AKAMAI-AS) (AKAMAI-AS)
4	3.224.78.34 3.224.78.34	14618 (AMAZON-AES) (AMAZON-AES)
2	216.24.57.253 216.24.57.253	397273 (RENDER) (RENDER)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 8	2600:9000:225... 2600:9000:225e:4800:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.111.216.226 104.111.216.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:440... 2606:4700:4400::6812:2437	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2620:1ec:27::... 2620:1ec:27::cafe:2080	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:401... 2a00:1450:4014:80a::2002	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	104.248.111.229 104.248.111.229	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	63.34.234.143 63.34.234.143	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.139.28 18.66.139.28	16509 (AMAZON-02) (AMAZON-02)
6	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
2	34.193.113.164 34.193.113.164	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
213	40

1 199.15.215.8 (United States)

ASN15224 (OMNITURE, US)

about2.capitolcanary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 104.199.120.76 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 76.120.199.104.bc.googleusercontent.com

capitolcanary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.11.20.152 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.wine9bond.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.94.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-sj20.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 18.66.112.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-118.fra56.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.237.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-237-4.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.224.78.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-78-34.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.24.57.253 (United States)

ASN397273 (RENDER, US)

grow.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:225e:4800:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.216.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-226.deploy.static.akamaitechnologies.com

sjrtp4-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2437 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:27::cafe:2080 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

486-vki-494.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

om1.capitolcanary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.248.111.229 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

om2.capitolcanary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.234.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-234-143.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-28.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.113.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-113-164.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 4817	751 KB
61	capitolcanary.com about2.capitolcanary.com capitolcanary.com om1.capitolcanary.com om2.capitolcanary.com	656 KB
9	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2302 d.adroll.com — Cisco Umbrella Rank: 1408	79 KB
8	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 5193 bootstrap.api.drift.com — Cisco Umbrella Rank: 5516	540 B
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 534 c.clarity.ms — Cisco Umbrella Rank: 1052	26 KB
7	marketo.com app-sj20.marketo.com — Cisco Umbrella Rank: 234395 sjrtp4-cdn.marketo.com — Cisco Umbrella Rank: 93486	142 KB
6	gstatic.com fonts.gstatic.com	218 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	60 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 616 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 320 www.linkedin.com — Cisco Umbrella Rank: 560 px4.ads.linkedin.com — Cisco Umbrella Rank: 5318	4 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 324 c.bing.com — Cisco Umbrella Rank: 210	12 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6117	735 B
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	2 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3525	7 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	134 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 584 script.hotjar.com — Cisco Umbrella Rank: 713 vars.hotjar.com — Cisco Umbrella Rank: 832	67 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1342 insight.adsrvr.org — Cisco Umbrella Rank: 559	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	208 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	425 B
2	clearbitjs.com grow.clearbitjs.com — Cisco Umbrella Rank: 27848	1 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3204	6 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	2 KB
1	mktoresp.com 486-vki-494.mktoresp.com	311 B
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8324	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 760	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 114	15 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5462	2 KB
1	wine9bond.com secure.wine9bond.com — Cisco Umbrella Rank: 618859	304 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1297	42 KB
213	29

	Domain	Requested by
64	js.driftt.com	capitolcanary.com js.driftt.com
52	capitolcanary.com	about2.capitolcanary.com capitolcanary.com
8	s.adroll.com	2 redirects www.googletagmanager.com capitolcanary.com s.adroll.com
6	metrics.api.drift.com	js.driftt.com
6	om1.capitolcanary.com	capitolcanary.com om1.capitolcanary.com
6	www.clarity.ms	about2.capitolcanary.com www.clarity.ms
6	fonts.gstatic.com	fonts.googleapis.com
6	app-sj20.marketo.com	capitolcanary.com app-sj20.marketo.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.google.de	capitolcanary.com
4	tags.srv.stackadapt.com	capitolcanary.com tags.srv.stackadapt.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com capitolcanary.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	analytics.google.com	www.googletagmanager.com
3	www.googletagmanager.com	capitolcanary.com www.googletagmanager.com
2	insight.adsrvr.org	js.adsrvr.org
2	c.clarity.ms	1 redirects
2	bootstrap.api.drift.com	js.driftt.com
2	www.facebook.com	capitolcanary.com
2	om2.capitolcanary.com	om1.capitolcanary.com
2	www.google.com	capitolcanary.com
2	px.ads.linkedin.com	2 redirects
2	grow.clearbitjs.com	capitolcanary.com
2	munchkin.marketo.net	capitolcanary.com munchkin.marketo.net
2	fonts.googleapis.com	capitolcanary.com om1.capitolcanary.com
1	c.bing.com	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	d.adroll.com	s.adroll.com
1	px4.ads.linkedin.com	capitolcanary.com
1	www.linkedin.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	486-vki-494.mktoresp.com	munchkin.marketo.net
1	tracking.g2crowd.com	about2.capitolcanary.com
1	sjrtp4-cdn.marketo.com	about2.capitolcanary.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	capitolcanary.com
1	ws.zoominfo.com	capitolcanary.com
1	js.adsrvr.org	capitolcanary.com
1	secure.wine9bond.com	capitolcanary.com
1	www.googleoptimize.com	capitolcanary.com
1	about2.capitolcanary.com
213	44

This site contains links to these domains. Also see Links.

Domain
www.capitolcanary.com
app.govpredict.com
www.linkedin.com
www.twitter.com

Subject Issuer	Validity	Valid
capitolcanary.com R3	`2022-04-06` - `2022-07-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-19`	a year	crt.sh
app-sj20.marketo.com Cloudflare Inc ECC CA-3	`2022-05-02` - `2023-05-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
grow.clearbitjs.com Cloudflare Inc RSA CA-2	`2021-07-29` - `2022-07-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-10` - `2022-06-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.marketo.com DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-30` - `2022-09-28`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
om1.capitolcanary.com R3	`2022-05-30` - `2022-08-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
om2.capitolcanary.com R3	`2022-04-06` - `2022-07-05`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Frame ID: 48A6C6076AB59F1E69D99D7F1D8C61E0
Requests: 136 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
Frame ID: E951DFB4DEE28309C1C5E7DCAD62B49F
Requests: 34 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
Frame ID: B560F4F2512C47799DF2BB3C81F5C3CF
Requests: 33 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 325ABE0890542410F8DB8CDD71EA36F6
Requests: 1 HTTP requests in this frame

Frame: https://app-sj20.marketo.com/index.php/form/XDFrame
Frame ID: C42F2DCA696AB8D57ED160C3397E663A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3FE4EA58B8D9C5A0AE8C2DC322B8A8A2
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=owmpeom&ref=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&upid=21br8ux&upv=1.1.0&gdpr=1&gdpr_consent=null
Frame ID: 3327F4127B245E7D2EF3917C4A7DA4CD
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=owmpeom&ref=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&upid=21br8ux&upv=1.1.0&gdpr=1&gdpr_consent=null&ret=845
Frame ID: 5A0D859C2EE84878E60B608EACC7AC5C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FP Win with Capitol Canary - Capitol Canary

Page URL History Show full URLs

http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGEuln0NRQAPfojk06lFlbo9EayKo4KY6d300tFW4AwXWEPhnYXIAPFO1I0... Page URL
https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMv... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Marketo Forms (Widgets) Expand

Overall confidence: 100%
Detected patterns

marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

213
Requests

98 %
HTTPS

44 %
IPv6

29
Domains

44
Subdomains

40
IPs

8
Countries

2440 kB
Transfer

7301 kB
Size

47
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.capitolcanary.com/schedule-a-demo/?optimize-test=schedule-a-demo-text
Title: Schedule a demo

Search URL Search Domain Scan URL

URL: https://app.govpredict.com/portal/moneyball/donor_lookup?iframe=1
Title: Donor Look Up Tool

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/capitolcanary
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.twitter.com/capitolcanary
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGEuln0NRQAPfojk06lFlbo9EayKo4KY6d300tFW4AwXWEPhnYXIAPFO1I0v55-AgErhe1146I= Page URL
https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1654025601944&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D45840%26time%3D1654025601944%26url%3Dhttps%253A%252F%252Fcapitolcanary.com%252Ffake-page%253Fmkt_tok%253DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1654025601944&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1654025601944&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&liSync=true&e_ipv6=AQIN326E3zB3rAAAAYEbm8VR0hDe91Z3AZzYbZFXflnRkeVRjJzIMrAPYkTh4bjH9nNCDFHJmt_1VcUm5HJbwJNnBioBGA

Request Chain 100

https://s.adroll.com/j/exp/HVQJW343KJAW7GWROKSEFP/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 101

https://s.adroll.com/j/pre/HVQJW343KJAW7GWROKSEFP/YGAVJIE2WNDOJEE5TBNPGO/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 191

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=79CB49F9464C49ED9B5FB7F823B3331B&RedC=c.clarity.ms&MXFR=2DAACC5F4F4E657C3760DDEA4B4E6B40 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=79CB49F9464C49ED9B5FB7F823B3331B&MUID=09D3ECD875AB6C053E9EFD6D74796D4A

213 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK NDg2LVZLSS00OTQAAAGEuln0NRQAPfojk06lFlbo9EayKo4KY6d300tFW4AwXWEPhnYXIAPFO1I0v55-AgErhe1146I=
about2.capitolcanary.com/ 523 B
1 KB 615ms
159ms Document
text/html 199.15.215.8
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGEuln0NRQAPfojk06lFlbo9EayKo4KY6d300tFW4AwXWEPhnYXIAPFO1I0v55-AgErhe1146I=

Protocol

HTTP/1.1

Server

199.15.215.8 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-gM/PGanWnVLIZEz9gAOlvHrpgS1K9FCDZc19GbazuUg=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, max-age=0
Connection: close
Content-Encoding: gzip
Content-Security-Policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-gM/PGanWnVLIZEz9gAOlvHrpgS1K9FCDZc19GbazuUg=';object-src 'none';form-action 'none';frame-src 'none'
Content-Type: text/html
Date: Tue, 31 May 2022 19:33:19 GMT
Referrer-Policy: strict-origin
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H2 200 Primary Request fake-page Show response
capitolcanary.com/ 78 KB
19 KB 1254ms
811ms Document
text/html 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Requested by: Host: about2.capitolcanary.com
URL: http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGEuln0NRQAPfojk06lFlbo9EayKo4KY6d300tFW4AwXWEPhnYXIAPFO1I0v55-AgErhe1146I=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 1ef2295ea6caf62a442b628a4d75360de128fded1ab50c58b4e39ef6d8f7f7a6

Request headers

Referer: http://about2.capitolcanary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 18606
content-type: text/html; charset=UTF-8
date: Tue, 31 May 2022 19:33:20 GMT
link: <https://capitolcanary.com/wp-json/>; rel="https://api.w.org/" <https://capitolcanary.com/wp-json/wp/v2/pages/18905>; rel="alternate"; type="application/json" <https://capitolcanary.com/?p=18905>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-pass-why: custom-path
x-powered-by: WP Engine

GET
H2 200 fa-solid-900.woff2
capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 76 KB
77 KB 201ms
200ms Font
font/woff2 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
last-modified: Fri, 27 May 2022 12:31:27 GMT
server: nginx
etag: "6290c49f-131bc"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 78268

GET
H2 200 fa-brands-400.woff2
capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 75 KB
75 KB 368ms
367ms Font
font/woff2 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
last-modified: Fri, 27 May 2022 12:31:27 GMT
server: nginx
etag: "6290c49f-12bc0"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 76736

GET
H2 200 dashicons.min.css
capitolcanary.com/wp-includes/css/ 58 KB
35 KB 368ms
367ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/css/dashicons.min.css?ver=6.0.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 31 Jan 2022 12:12:25 GMT
server: nginx
etag: W/"61f7d229-e688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-ui-dialog.min.css
capitolcanary.com/wp-includes/css/ 4 KB
2 KB 368ms
367ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/css/jquery-ui-dialog.min.css?ver=6.0.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 643e504c5417068283c7ba2a2e348b0f6c12da9e7b328470424453466d69efa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 31 Jan 2022 12:12:25 GMT
server: nginx
etag: W/"61f7d229-11c4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
capitolcanary.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 368ms
367ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:32:35 GMT
server: nginx
etag: W/"6290c4e3-15b26"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 18905-layout.css
capitolcanary.com/wp-content/uploads/bb-plugin/cache/ 45 KB
7 KB 368ms
367ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-plugin/cache/18905-layout.css?ver=4e98f183d6759223ca94a8ad194bc615.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f341e12f7cfd1002b96791f4058b98f42e8d98ef90cf649b643e9ea2ce5b47a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Tue, 31 May 2022 10:57:44 GMT
server: nginx
etag: W/"6295f4a8-b259"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 styles.css
capitolcanary.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 368ms
367ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 14:22:33 GMT
server: nginx
etag: W/"62850129-aab"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-video-popup.css
capitolcanary.com/wp-content/plugins/responsive-youtube-vimeo-popup/assets/css/ 850 B
553 B 369ms
367ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/responsive-youtube-vimeo-popup/assets/css/wp-video-popup.css?ver=2.9.2.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8637926881bcb60aad538e349b94b8d8f1a005aad40238913b306902986b9a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Wed, 02 Mar 2022 14:49:40 GMT
server: nginx
etag: W/"621f8404-352"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wpa-style.css
capitolcanary.com/wp-content/plugins/wp-accessibility/css/ 3 KB
1 KB 369ms
367ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-accessibility/css/wpa-style.css?ver=1.7.10.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9466faa62064804d275c560d82572587e8cf6b2bd7079897d5ec3279b8122165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:31:30 GMT
server: nginx
etag: W/"6290c4a2-c4f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 all.min.css
capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/ 58 KB
13 KB 368ms
366ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.4.3.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:31:27 GMT
server: nginx
etag: W/"6290c49f-e7a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 b4f01042d3b8a5ace87f21d336ea400e-layout-bundle.css
capitolcanary.com/wp-content/uploads/bb-plugin/cache/ 191 KB
15 KB 449ms
447ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-plugin/cache/b4f01042d3b8a5ace87f21d336ea400e-layout-bundle.css?ver=2.5.4.3-1.4.1.3.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4caad9356eb00a49e44aeb99d536873c9c167c5d42fede317e1a14ec19ee10d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 30 May 2022 16:27:06 GMT
server: nginx
etag: W/"6294f05a-2fa01"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 themify-icons.min.css
capitolcanary.com/wp-content/plugins/dflip/assets/css/ 14 KB
3 KB 449ms
447ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/dflip/assets/css/themify-icons.min.css?ver=1.7.31.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 419d6e9bdaf94d2758192e1312e13ffc6b885f2c37a36734f1dd414abee83a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:31:28 GMT
server: nginx
etag: W/"6290c4a0-3605"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 dflip.min.css
capitolcanary.com/wp-content/plugins/dflip/assets/css/ 26 KB
6 KB 449ms
447ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/dflip/assets/css/dflip.min.css?ver=1.7.31.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e051e0747e00cbf46985db2f3d8017641dd2e9bb729dfbddd01b99ab0d3983f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:31:28 GMT
server: nginx
etag: W/"6290c4a0-6932"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 app.css
capitolcanary.com/wp-content/plugins/simple-lightbox/client/css/ 232 B
306 B 449ms
447ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.8.1.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 31 Jan 2022 12:12:33 GMT
server: nginx
etag: W/"61f7d231-e8"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 default.min.css
capitolcanary.com/wp-content/plugins/tablepress/css/ 5 KB
2 KB 449ms
447ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.14.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 17:56:20 GMT
server: nginx
etag: W/"623cb0c4-13e4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bsfrt-frontend-css.min.css
capitolcanary.com/wp-content/plugins/read-meter/assets/min-css/ 565 B
439 B 449ms
448ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/read-meter/assets/min-css/bsfrt-frontend-css.min.css?ver=1.0.6.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0aa5201729bac890535667e48073ab88a75040b0858a54292ec020832e4aee24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 31 Jan 2022 12:12:33 GMT
server: nginx
etag: W/"61f7d231-235"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.magnificpopup.min.css
capitolcanary.com/wp-content/plugins/bb-plugin/css/ 6 KB
2 KB 449ms
448ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.5.4.3.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:31:27 GMT
server: nginx
etag: W/"6290c49f-169c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bootstrap-4.min.css
capitolcanary.com/wp-content/themes/bb-theme/css/ 158 KB
25 KB 449ms
448ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=1.7.11.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5af5133459a08aaab60f1340c731b242ee78b77d9143f76c47101c04dc900d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 25 Apr 2022 20:52:25 GMT
server: nginx
etag: W/"62670a09-278b4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 skin-6294ee8a79d18.css
capitolcanary.com/wp-content/uploads/bb-theme/ 73 KB
10 KB 449ms
448ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-theme/skin-6294ee8a79d18.css?ver=1.7.11.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff1b277f5f04deff0a69474f2616c18775058f967f7b9e8dea7b27c0aca9bd6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 30 May 2022 16:19:22 GMT
server: nginx
etag: W/"6294ee8a-12542"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
capitolcanary.com/wp-content/themes/capitol-canary/ 79 KB
11 KB 449ms
448ms Stylesheet
text/css 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/capitol-canary/style.css?ver=6.0.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: dd029f338de8c7894abbd11b53992e230abd401456f5c36a55e8ff8f8d83c8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 30 May 2022 20:22:03 GMT
server: nginx
etag: W/"6295276b-13a44"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-3.6.0.min.js Show response
capitolcanary.com/wp-content/themes/capitol-canary/js/ 87 KB
31 KB 449ms
448ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/capitol-canary/js/jquery-3.6.0.min.js?ver=1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 11 Mar 2022 15:19:19 GMT
server: nginx
etag: W/"622b6877-15d9d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 imagesloaded.min.js Show response
capitolcanary.com/wp-includes/js/ 5 KB
2 KB 449ms
449ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/js/imagesloaded.min.js?ver=6.0.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 31 Jan 2022 12:12:25 GMT
server: nginx
etag: W/"61f7d229-15fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 161 KB
60 KB 45ms
21ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MR1REW8MSK&ver=1654025600

Requested by

Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc99c5ab2f442defb7468977d0309775969d81dbe27ac828e019fcccac7ccaa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61190
x-xss-protection: 0
expires: Tue, 31 May 2022 19:33:21 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 112 KB
42 KB 59ms
23ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-MDVLCWQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58a8ee8343dd99744f9da7978bc8f12edd5e8509ed1c8f1cd676069785e3d7ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42131
x-xss-protection: 0
expires: Tue, 31 May 2022 19:33:21 GMT

GET
H/1.1 200
OK 223125.js Show response
secure.wine9bond.com/js/ 16 B
304 B 137ms
29ms Script
text/javascript 51.11.20.152
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.wine9bond.com/js/223125.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.11.20.152 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 7f708f3b9f6f2d8adf30af30703a6f5aff12e3685f56a255c3d20c67aba707de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 May 2022 19:33:21 GMT
Server: Kestrel
Content-Type: text/javascript
Expires: 0
Cache-Control: no-store, must-revalidate
Connection: keep-alive
Content-Length: 16
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20

GET
H2 200 header_capitol_canary_logo.svg
capitolcanary.com/wp-content/uploads/2021/12/ 13 KB
5 KB 310ms
306ms Image
image/svg+xml 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capitolcanary.com/wp-content/uploads/2021/12/header_capitol_canary_logo.svg
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 581a118e4a2b33f2d2738b1e0a946a0223e9e6d0bcc579463148d6ea1d089cf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 31 Jan 2022 12:12:27 GMT
server: nginx
etag: W/"61f7d22b-32b2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 forms2.min.js Show response
app-sj20.marketo.com/js/forms2/js/ 205 KB
68 KB 291ms
29ms Script
application/x-javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 03:46:42 GMT
server: cloudflare
age: 5213
etag: "74039e-3326e-5de135b5b2c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7142240be93e9be0-FRA
expires: Tue, 31 May 2022 23:33:21 GMT

GET
H2 200 footer_capitol_canary_icon.svg
capitolcanary.com/wp-content/uploads/2021/12/ 422 B
506 B 310ms
307ms Image
image/svg+xml 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capitolcanary.com/wp-content/uploads/2021/12/footer_capitol_canary_icon.svg
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0b8acc0c1a541b4572172f8c39ff60f586962fa6bb9f1edd840d1d77da1d3818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 31 Jan 2022 12:12:27 GMT
server: nginx
etag: W/"61f7d22b-1a6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 66ms
6ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 03:47:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 56770
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P7
X-Amz-Cf-Id: XtnEDFA7QcSJhwYqofQkqczF0UUrz-aOuwCASLdtxjZH_AZ7WkTv5g==

GET
H2 200 core.min.js Show response
capitolcanary.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 147ms
142ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:32:35 GMT
server: nginx
etag: W/"6290c4e3-50eb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 mouse.min.js Show response
capitolcanary.com/wp-includes/js/jquery/ui/ 3 KB
1 KB 150ms
144ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7c4dcab706e6bf67c64df89d3f5e137cb19efa293771613f511aff1ad563a6df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:32:35 GMT
server: nginx
etag: W/"6290c4e3-d53"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 resizable.min.js Show response
capitolcanary.com/wp-includes/js/jquery/ui/ 18 KB
6 KB 151ms
145ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.1.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: aad7aa1a4b01b34fabc6eb823865de09b1019050b80c8ddbc2d68667d92217ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:32:35 GMT
server: nginx
etag: W/"6290c4e3-4911"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 draggable.min.js Show response
capitolcanary.com/wp-includes/js/jquery/ui/ 18 KB
5 KB 153ms
147ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8b934f3213c33c849410d6edf4fa6f85f970839503d462d94413bd8c15a2e106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:32:35 GMT
server: nginx
etag: W/"6290c4e3-4797"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 controlgroup.min.js Show response
capitolcanary.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 153ms
146ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.1.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2f266be2c8dcaa0d833e327744db160b6e5edecad0da8f0f081a5ff22c64e74e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:32:35 GMT
server: nginx
etag: W/"6290c4e3-113f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 checkboxradio.min.js Show response
capitolcanary.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 153ms
147ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.1.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 10094e3448750a4d28c63270c34a48a713985bcc5602ffc783e2a3e187d9ccff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 25 Feb 2022 18:43:45 GMT
server: nginx
etag: W/"62192361-10eb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 button.min.js Show response
capitolcanary.com/wp-includes/js/jquery/ui/ 6 KB
2 KB 153ms
147ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/js/jquery/ui/button.min.js?ver=1.13.1.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a0b4e1978c954ef1b191725c1a7b725e24a5d89b9242f9342d1b69694d7117bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:32:35 GMT
server: nginx
etag: W/"6290c4e3-17fa"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 dialog.min.js Show response
capitolcanary.com/wp-includes/js/jquery/ui/ 13 KB
4 KB 155ms
149ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.13.1.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 97da09ae98803932c42d9e9cfe80acc4d2953b60cc6020acf11a19f04689283c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:32:35 GMT
server: nginx
etag: W/"6290c4e3-32ac"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 18905-layout.js Show response
capitolcanary.com/wp-content/uploads/bb-plugin/cache/ 31 KB
9 KB 157ms
152ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-plugin/cache/18905-layout.js?ver=9044ed8792dc88cc3a7b7973160a4c33.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 191fc6eaefd3f8242ba2bf7c95c00037e65ca3b53e28541b8b88d215a87c1425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Tue, 31 May 2022 10:57:44 GMT
server: nginx
etag: W/"6295f4a8-7b15"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 regenerator-runtime.min.js Show response
capitolcanary.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 288ms
282ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:32:35 GMT
server: nginx
etag: W/"6290c4e3-194b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-polyfill.min.js Show response
capitolcanary.com/wp-includes/js/dist/vendor/ 19 KB
7 KB 292ms
286ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:32:35 GMT
server: nginx
etag: W/"6290c4e3-4ac6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 index.js Show response
capitolcanary.com/wp-content/plugins/contact-form-7/includes/js/ 9 KB
3 KB 293ms
288ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 14:22:33 GMT
server: nginx
etag: W/"62850129-25f8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-video-popup.js Show response
capitolcanary.com/wp-content/plugins/responsive-youtube-vimeo-popup/assets/js/ 3 KB
1 KB 293ms
288ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/responsive-youtube-vimeo-popup/assets/js/wp-video-popup.js?ver=2.9.2.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0575f510d4354d5dd35a0920d988a8122936fde30a9dd5f9d3d1dfc0ad7df147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Wed, 02 Mar 2022 14:49:40 GMT
server: nginx
etag: W/"621f8404-af3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 longdesc.button.js Show response
capitolcanary.com/wp-content/plugins/wp-accessibility/js/ 3 KB
1 KB 293ms
288ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-accessibility/js/longdesc.button.js?ver=1.7.10.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 44c1e4738705bab988e778131a999b93fd5f1f5f1d815f3bb652c6434fc9c992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:31:30 GMT
server: nginx
etag: W/"6290c4a2-b57"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 current-menu-item.js Show response
capitolcanary.com/wp-content/plugins/wp-accessibility/js/ 138 B
326 B 294ms
289ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-accessibility/js/current-menu-item.js?ver=1.7.10.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b97e05411def19f898ee5b52a8241d47780894133d4176dbafd074fbc9f90af6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:31:30 GMT
server: nginx
etag: W/"6290c4a2-8a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.ba-throttle-debounce.min.js Show response
capitolcanary.com/wp-content/plugins/bb-plugin/js/ 731 B
687 B 294ms
289ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.4.3.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:31:27 GMT
server: nginx
etag: W/"6290c49f-2db"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.fitvids.min.js Show response
capitolcanary.com/wp-content/plugins/bb-plugin/js/ 2 KB
953 B 295ms
290ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:31:27 GMT
server: nginx
etag: W/"6290c49f-6f6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js_cookie.js Show response
capitolcanary.com/wp-content/plugins/bb-ultimate-addon/modules/modal-popup/js/ 4 KB
2 KB 296ms
291ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-ultimate-addon/modules/modal-popup/js/js_cookie.js?ver=6.0.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3f85f9f44568e096e459e14198c1600cb30afccaf85d181e034c340154e11772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Tue, 17 May 2022 16:04:18 GMT
server: nginx
etag: W/"6283c782-e70"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 d98c8607305420fdf1ab85b231856bc6-layout-bundle.js Show response
capitolcanary.com/wp-content/uploads/bb-plugin/cache/ 81 KB
12 KB 298ms
294ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/uploads/bb-plugin/cache/d98c8607305420fdf1ab85b231856bc6-layout-bundle.js?ver=2.5.4.3-1.4.1.3.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4a28ce5e399fac8e5754e5b4430ef015f757972050e67699b03b08a07831ae30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 30 May 2022 16:27:05 GMT
server: nginx
etag: W/"6294f059-143d4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 scripts.js Show response
capitolcanary.com/wp-content/themes/capitol-canary/js/ 2 KB
833 B 298ms
294ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/capitol-canary/js/scripts.js?ver=1.0.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 31acfb740ba1679a810fae919d0566a47ca1bf2712106334779d9be741bc9d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Wed, 20 Apr 2022 17:47:23 GMT
server: nginx
etag: W/"6260472b-8cf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 dflip.min.js Show response
capitolcanary.com/wp-content/plugins/dflip/assets/js/ 125 KB
40 KB 299ms
294ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/dflip/assets/js/dflip.min.js?ver=1.7.31.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 09f2ff5cd11b1e37a29b2935d9fcadfb7fa18d0982c22e22626d990bdcc661ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:31:28 GMT
server: nginx
etag: W/"6290c4a0-1f586"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 smush-lazy-load.min.js Show response
capitolcanary.com/wp-content/plugins/wp-smush-pro/app/assets/js/ 8 KB
4 KB 299ms
295ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.9.11.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 23 May 2022 19:33:05 GMT
server: nginx
etag: W/"628be171-1ef2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-accessibility.js Show response
capitolcanary.com/wp-content/plugins/wp-accessibility/js/ 2 KB
868 B 300ms
296ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/wp-accessibility/js/wp-accessibility.js?ver=1.0.2.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8a90b0a97065fb0d36744a9db61b9e421d7198e35b9d31c71154a9f4f57d3fff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:31:30 GMT
server: nginx
etag: W/"6290c4a2-6c2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.magnificpopup.min.js Show response
capitolcanary.com/wp-content/plugins/bb-plugin/js/ 19 KB
7 KB 303ms
299ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.5.4.3.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8bfcec07978309844d788b4ade223b49ba0be250c0da82fa94d7477842db1e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:31:27 GMT
server: nginx
etag: W/"6290c49f-4da3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bootstrap-4.min.js Show response
capitolcanary.com/wp-content/themes/bb-theme/js/ 61 KB
16 KB 307ms
303ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.11.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e5d1ee4046ceeb81d3e43309d053b423b87018e60c4cf0dd8ee7c5d3e9e90465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 25 Apr 2022 20:52:25 GMT
server: nginx
etag: W/"62670a09-f3bf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 theme.min.js Show response
capitolcanary.com/wp-content/themes/bb-theme/js/ 22 KB
6 KB 308ms
305ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.11.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e1a478b48c8e190782382190951e6410356f384923c3c79e0470935cde4bbdfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Mon, 25 Apr 2022 20:52:25 GMT
server: nginx
etag: W/"62670a09-5902"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 helper.js Show response
capitolcanary.com/wp-content/plugins/optinmonster/assets/js/ 653 B
538 B 309ms
305ms Script
application/javascript 104.199.120.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://capitolcanary.com/wp-content/plugins/optinmonster/assets/js/helper.js?ver=2.7.0.1654025600
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.199.120.76 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.120.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0a904bdffeaa6adf503ebd227303a2c0e8e534789a39376f602727bfab444c00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
last-modified: Tue, 17 May 2022 16:04:17 GMT
server: nginx
etag: W/"6283c781-28d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,700;1,400;1,700&family=Montserrat:ital,wght@0,400;0,600;1,400;1,600&display=swap

Requested by

Host: capitolcanary.com
URL: https://capitolcanary.com/wp-content/themes/capitol-canary/style.css?ver=6.0.1654025600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cefcc46cc948d5f415ee62ac12acf01027b8c92b5602f380b3c33b63465603f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 19:33:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 19:33:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 19:33:21 GMT

GET
H2 200 fapv5tguvsk6.js Show response
js.driftt.com/include/1654025700000/ 232 KB
66 KB 184ms
132ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1654025700000/fapv5tguvsk6.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f1f8f7c12ef6b6f9b5ee9e61c7e158a15581e5feb773206630ad140beeda27b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 18:51:30 GMT
server: nginx
etag: W/"1426334d2892a3d82b6359dd152fb754"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iEP7uQSGF3Fdc4nu0D1_oPxzrmQSUQnd
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W1FUYGRKJWUcALnmp06O2l_v8LY8PcElw5gwBA0z-rDZK2ujjKejOQ==

GET
H2 200 614388d3366fa2001cc5a5fa Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 241ms
197ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/614388d3366fa2001cc5a5fa

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8dff6b8a49a7729f2f1c734d8bbc3a7a7bcda5f4474bf975dd5712578123d2e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7142240adc52cc46-ZRH
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
via: 1.1 google

GET
H2 200 hotjar-574101.js Show response
static.hotjar.com/c/ 4 KB
2 KB 73ms
48ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-574101.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

5c819472f51c8823d70d8fb76ffd61645f7d408195ef110217262b4e890886f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/b488ca9e21fca189735fe43b99cda6e2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: hEfuGSr6TlgqKPpmdL6iTA77po_HLW9ssS2D9X0FuBwQ655Y2aUOmw==
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 69ms
14ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 19:33:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 402ms
100ms Script
text/javascript 3.224.78.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.78.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-78-34.compute-1.amazonaws.com
Software: /
Resource Hash: 73a2496c04cacc466323c431768e0c5e6e689afd55645e532cb5be961971c966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 31 May 2022 19:33:22 GMT
Content-Encoding: gzip
Cache-Control: max-age=5
Content-Length: 5410
Connection: keep-alive
Content-Type: text/javascript

GET
H2 200 pixel.js Show response
grow.clearbitjs.com/api/ 2 KB
1 KB 270ms
214ms Script
text/javascript 216.24.57.253
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://grow.clearbitjs.com/api/pixel.js?v=1654025601680

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.253 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 7142240aeeba9b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
79 KB 53ms
30ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

197c9364c177615ee4b6b9633a9fbc7c0adb5eea2914b316676ad9e44854851c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80864
x-xss-protection: 0
last-modified: Tue, 31 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 May 2022 19:33:21 GMT

GET
H2 200 SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2
fonts.gstatic.com/s/ebgaramond/v25/ 39 KB
40 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v25/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,700;1,400;1,700&family=Montserrat:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c16ca6e80ceb36ff3400cb377e38398f6b7cf2a266958ee2c2f3b6698f5317b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 23:53:59 GMT
x-content-type-options: nosniff
age: 416362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40108
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 23:53:59 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
30 KB 26ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,700;1,400;1,700&family=Montserrat:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:07:05 GMT
x-content-type-options: nosniff
age: 8776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:07:05 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
348 B 62ms
13ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MR1REW8MSK&gtm=2oe5p1&_p=884235421&_z=ccd.tdB&_gaz=1&cid=1381390287.1654025602&gdid=dZTNiMT&ul=en-us&sr=1600x1200&_s=1&sid=1654025601&sct=1&seg=0&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=OPT-MDVLCWQ
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MR1REW8MSK&ver=1654025600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
348 B 58ms
21ms Ping
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MR1REW8MSK&cid=1381390287.1654025602&gtm=2oe5p1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MR1REW8MSK&ver=1654025600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 75ms
54ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MR1REW8MSK&cid=1381390287.1654025602&gtm=2oe5p1&aip=1&z=600587146

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 14ms
14ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 19:33:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Thu, 08 Sep 2022 19:33:21 GMT

GET
H2 200 modules.d0961e771164cd91e405.js Show response
script.hotjar.com/ 243 KB
63 KB 34ms
7ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d0961e771164cd91e405.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-574101.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43155
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64057
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 07:33:23 GMT
etag: "1ed5739adb19197da798013ab080794d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: CfxTCR7cR9xVfzDWnpHLhEwXm3pr5R_nGF-vtb8Iwt5lHxUwivu3BA==

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 105 KB
41 KB 41ms
20ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-54PF459

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

686d1cc4591be1b9f730e75e49c40772acd308b5188db5dc4448eb96f15f9a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41214
x-xss-protection: 0
expires: Tue, 31 May 2022 19:33:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
68 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-80CPFVSEDB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42ff0fa4f78fe7d223525898ede1cba6d4a26cd5ded057c223dbcb9fc8c7fa1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69966
x-xss-protection: 0
expires: Tue, 31 May 2022 19:33:21 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 63ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AB73CE97E8564BA9B3A607D5371AF3F4 Ref B: FRAEDGE1314 Ref C: 2022-05-31T19:33:21Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 31 May 2022 19:33:21 GMT
accept-ranges: bytes
content-length: 11333

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 49 KB
16 KB 245ms
54ms Script
text/javascript 2600:9000:225e:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e4db91e933957c952cea51bd5f9c81f9bc76828d8ab55cfff71a74f6c4b640d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: sheXpIV7HBYMVaU7JbFLL29rwPWoWBfK
Content-Encoding: gzip
Etag: W/"282858284eb90ea42ac68a61d5841cac"
Age: 1641
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
Last-Modified: Thu, 26 May 2022 16:45:28 GMT
Server: AmazonS3
Date: Tue, 31 May 2022 19:06:02 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: CKFbYB61DxW5TrYNgGfqTrpqD-yy-AWLeISLOeeqFpNr2E27f1arLQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 60ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: FrIUo1PDUe0luOsRqAyltfmaE6PwFdWKDHot3mCA0a5H7PhiELtv46PtIlTNoSEE/gBVEkOM0OUKkSy3aqn1kw==
x-fb-trip-id: 720026100
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 31 May 2022 19:33:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 44ms
18ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

951a3f149026bb8e5b224330b22e0be9771302d9f2c7461ca3b7d83900bff22f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14799
x-xss-protection: 0
server: cafe
etag: 13663081621700740891
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 May 2022 19:33:21 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7115
date: Tue, 31 May 2022 17:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 31 May 2022 19:34:46 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 57ms
14ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS9B9K9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 19:33:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=67021
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H/1.1 200
OK rtp.js Show response
sjrtp4-cdn.marketo.com/rtp-api/v1/ 0
231 B 173ms
45ms Script
application/x-javascript 104.111.216.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp4-cdn.marketo.com/rtp-api/v1/rtp.js?aid=phone2action

Requested by

Host: about2.capitolcanary.com
URL: http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGEuln0NRQAPfojk06lFlbo9EayKo4KY6d300tFW4AwXWEPhnYXIAPFO1I0v55-AgErhe1146I=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.216.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-226.deploy.static.akamaitechnologies.com

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Server: Jetty(7.3.1.v20110307)
Connection: keep-alive
Date: Tue, 31 May 2022 19:33:22 GMT
Content-Length: 0
Content-Type: application/x-javascript; charset=UTF-8

GET
H2 200 1425.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 184ms
145ms Script
text/javascript 2606:4700:4400::6812:2437
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1425.js?p=https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&e=

Requested by

Host: about2.capitolcanary.com
URL: http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGEuln0NRQAPfojk06lFlbo9EayKo4KY6d300tFW4AwXWEPhnYXIAPFO1I0v55-AgErhe1146I=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2437 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 115c6f77-035f-4d09-8cd1-68bce88edc8f
x-runtime: 0.003348
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-ray: 7142240bdd3801fc-ZRH

GET
H2 200 8fh7784k59 Show response
www.clarity.ms/tag/ 1 KB
2 KB 178ms
98ms Script
application/x-javascript 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/8fh7784k59
Requested by: Host: about2.capitolcanary.com
URL: http://about2.capitolcanary.com/NDg2LVZLSS00OTQAAAGEuln0NRQAPfojk06lFlbo9EayKo4KY6d300tFW4AwXWEPhnYXIAPFO1I0v55-AgErhe1146I=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 0c3665152b9a84eebcf5a4576714e984baa76d79989043d6edf9a099236891c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
x-powered-by: ASP.NET
x-azure-ref: 0gW2WYgAAAAD899fTqZTaR4H9yJY1sin9TFRTRURHRTEzMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
content-length: 1333
expires: -1

POST
H/1.1 200
OK visitWebPage
486-vki-494.mktoresp.com/webevents/ 2 B
311 B 825ms
158ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://486-vki-494.mktoresp.com/webevents/visitWebPage?_mchNc=1654025601802&_mchCn=&_mchId=486-VKI-494&_mchTk=_mch-capitolcanary.com-1654025601801-67506&mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&_mchHo=capitolcanary.com&_mchPo=&_mchRu=%2Ffake-page&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=http%3A%2F%2Fabout2.capitolcanary.com%2F&_mchQp=mkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 19:33:22 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 0427f580-cb40-41f5-b2c6-61d906f6abec

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 31ms
15ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-80CPFVSEDB&gtm=2oe5p1&_p=884235421&_z=ccd.tdB&_gaz=1&cid=1381390287.1654025602&gdid=dZTNiMT&ul=en-us&sr=1600x1200&_s=1&sid=1654025601&sct=1&seg=0&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80CPFVSEDB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 55ms
18ms Ping
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-80CPFVSEDB&cid=1381390287.1654025602&gtm=2oe5p1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80CPFVSEDB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 43ms
43ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-80CPFVSEDB&cid=1381390287.1654025602&gtm=2oe5p1&aip=1&z=2115336705

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976554992/ 3 KB
2 KB 154ms
72ms Script
text/javascript 2a00:1450:4014:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976554992/?random=1654025601933&cv=9&fst=1654025601933&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&ref=http%3A%2F%2Fabout2.capitolcanary.com%2F&tiba=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8157a599696973f6aa1e13967f0bdfaf50902b0cea71aace9f9cdf3dcf64a582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1167
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=884235421&t=pageview&_s=1&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&ul=en-us&de=UTF-8&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=ULaZhAx5S3GCynYEzv5gtg.1&_u=YADAAEABQAAAAC~&jid=1001264577&gjid=1787139534&cid=1381390287.1654025602&tid=UA-33465110-1&_gid=919429356.1654025602&_r=1&gtm=2wg5p1TS9B9K9&z=1125075327

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://capitolcanary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1654025601944&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw1...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D45840%26time%3D1654025601944%26url%3Dhttps%253A%252F%252Fcapitolcanary.com%252Ffa...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1654025601944&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw1...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1654025601944&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw...

0
265 B

178ms
156ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1654025601944&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&liSync=true&e_ipv6=AQIN326E3zB3rAAAAYEbm8VR0hDe91Z3AZzYbZFXflnRkeVRjJzIMrAPYkTh4bjH9nNCDFHJmt_1VcUm5HJbwJNnBioBGA
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7D313F04A08E4325A3889E970FB3E183 Ref B: FRAEDGE1412 Ref C: 2022-05-31T19:33:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXgU9h9noCV7+xGx1dEQQ==
x-li-fabric: prod-ltx1

Redirect headers

date: Tue, 31 May 2022 19:33:21 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 93C38F4C5A7F45F086E758CA9F71B870 Ref B: FRAEDGE1320 Ref C: 2022-05-31T19:33:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=45840&time=1654025601944&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&liSync=true&e_ipv6=AQIN326E3zB3rAAAAYEbm8VR0hDe91Z3AZzYbZFXflnRkeVRjJzIMrAPYkTh4bjH9nNCDFHJmt_1VcUm5HJbwJNnBioBGA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXgU9h6dUM7ZrwB+tYdKA==

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 38ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.61

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20656
x-xss-protection: 0
pragma: public
x-fb-debug: WM/KnO5QXAjB64EjsqWPwI4J0jZkCs9gqaT6LHIa86xRi7g2ecODOM5f+SUYmNb04biG1n2LE0UXe5TDa5yttw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 31 May 2022 19:33:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 656507917815711 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 159ms
141ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/656507917815711?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f516c74c03e4dbf3b8089880fa20909c37eee62b3d000615b6202e04cccc90a5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ihtgi/ZJURG1P32zSptaQdLc0rVEZAy58Qjlztc6eEf5pP6akb1TyFdp+ypxoDuK80DidaY9u5nuPmtrd6SJww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 31 May 2022 19:33:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1654025602117
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 25001832.js Show response
bat.bing.com/p/action/ 0
117 B 176ms
176ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25001832.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E91AF14D905E4DC28D5E71E021663831 Ref B: FRAEDGE1314 Ref C: 2022-05-31T19:33:21Z
date: Tue, 31 May 2022 19:33:21 GMT
x-cache: CONFIG_NOCACHE

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-33465110-1&cid=1381390287.1654025602&jid=1001264577&gjid=1787139534&_gid=919429356.1654025602&_u=YADAAEAAQAAAAC~&z=285378176

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://capitolcanary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 31 May 2022 19:33:21 GMT
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getForm Show response
app-sj20.marketo.com/index.php/form/ 5 KB
2 KB 354ms
354ms Script
application/javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-sj20.marketo.com/index.php/form/getForm?munchkinId=486-VKI-494&form=2574&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page&callback=jQuery112403229798627368776_1654025601983&_=1654025601984
Requested by: Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cde763fe845775f058ffe78fc3a35daa8ce38da895a2c33603acecc3dbd6efe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:22 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 7142240c7ac59be0-FRA
cached: true

GET
H3 200 c.gif
grow.clearbitjs.com/api/ 35 B
305 B 213ms
199ms Image
image/gif 216.24.57.253
RENDER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grow.clearbitjs.com/api/c.gif?r=https%3A%2F%2Fcapitolcanary.com%2Ffake-page&c=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.24.57.253 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:22 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 7142240c9b589956-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 api.min.js Show response
om1.capitolcanary.com/app/js/ 194 KB
54 KB 95ms
16ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://om1.capitolcanary.com/app/js/api.min.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 60cd5cce6b3766b833945067c3df40cbd33c12eb12c5e1eb5fd915501bf89b16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:22 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 05/31/2022 16:22:18
cdn-pullzone: 99152
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 16:21:59 GMT
cdn-proxyver: 1.02
cdn-fileserver: 337
etag: W/"629640a7-30785"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 3d41e7246a8b50f5411f7c0ce71e86a3
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 65ms
44ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-33465110-1&cid=1381390287.1654025602&jid=1001264577&_u=YADAAEAAQAAAAC~&z=1955946781

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 57ms
41ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-33465110-1&cid=1381390287.1654025602&jid=1001264577&_u=YADAAEAAQAAAAC~&z=1955946781

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-f/s/0.6.34/ 53 KB
23 KB 102ms
102ms Script
application/javascript 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-f/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/8fh7784k59
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:21 GMT
content-encoding: br
etag: "1d87336c650fb54"
last-modified: Sun, 29 May 2022 08:33:30 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0gm2WYgAAAAAJP5Eo96HSRaj37diltdrITFRTRURHRTEzMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/HVQJW343KJAW7GWROKSEFP/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

21ms
8ms

Script
application/javascript

2600:9000:225e:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: HTTP/1.1
Server: 2600:9000:225e:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: QCXe6z8Ijv28a3Z6pj7cPKMX4fdClAik
Via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 38084
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Wed, 18 May 2022 19:09:46 GMT
Server: AmazonS3
Date: Tue, 31 May 2022 08:58:40 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: v57QR1qEdQtia5iuAhtM9T4Pg8E4kd9Ue4MaCFa5Rfmuqm8cC104bg==

Redirect headers

Date: Tue, 31 May 2022 19:30:48 GMT
Via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
Age: 153
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 774Ogl5qJqQPWelO5mpe0SSsD-In55b0lYVFPaBo29Jx7AZH6kWM6A==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/HVQJW343KJAW7GWROKSEFP/YGAVJIE2WNDOJEE5TBNPGO/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
733 B

12ms
8ms

Script
application/javascript

2600:9000:225e:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: HTTP/1.1
Server: 2600:9000:225e:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 48010
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Tue, 31 May 2022 06:13:13 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 98OdFWAMMtu1o5oj5uKOtfcrDZiVQczCk5vZ9YHTt2KdpHVzxhkyIQ==

Redirect headers

Date: Tue, 31 May 2022 11:23:09 GMT
Via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
Age: 29413
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: xDAk-rvkQ0IDaDypG9NUfzUrkRdeH7zN7pzwRubohsWK-5N-4OPkUA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HVQJW343KJAW7GWROKSEFP/YGAVJIE2WNDOJEE5TBNPGO/ 4 KB
3 KB 45ms
30ms Script
text/javascript 2600:9000:225e:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HVQJW343KJAW7GWROKSEFP/YGAVJIE2WNDOJEE5TBNPGO/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: 4f93Xey_DgRGz7b9zDIotZcboTUcbaTs
Content-Encoding: gzip
Etag: W/"33ed216ef4569e95a97e55fb39d91d38"
Age: 135
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
Last-Modified: Mon, 30 May 2022 08:53:43 GMT
Server: AmazonS3
Date: Tue, 31 May 2022 19:31:07 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: bUil29hzWP2KJM1exfXae3DoQonGRGcPQ_bX55l9qHD4iWEXGk0THA==

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 99ms
98ms Stylesheet
text/css 3.224.78.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.78.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-78-34.compute-1.amazonaws.com
Software: /
Resource Hash: 84c596f0b5b3cc2089b73383cca49345a2c6459cfb81e9c7253549e9e61420b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 31 May 2022 19:33:22 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 394ms
98ms Fetch
image/jpeg 3.224.78.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.78.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-78-34.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 31 May 2022 19:33:22 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2 200 /
www.google.com/pagead/1p-user-list/976554992/ 42 B
154 B 41ms
41ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976554992/?random=1654025601933&cv=9&fst=1654023600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&frm=0&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&ref=http%3A%2F%2Fabout2.capitolcanary.com%2F&tiba=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&async=1&fmt=3&is_vtc=1&random=3125666617&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/976554992/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976554992/?random=1654025601933&cv=9&fst=1654023600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&frm=0&url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&ref=http%3A%2F%2Fabout2.capitolcanary.com%2F&tiba=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&async=1&fmt=3&is_vtc=1&random=3125666617&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.min.css
om1.capitolcanary.com/app/js/ 18 KB
3 KB 14ms
13ms Stylesheet
text/css 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://om1.capitolcanary.com/app/js/api.min.css
Requested by: Host: om1.capitolcanary.com
URL: https://om1.capitolcanary.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:22 GMT
content-encoding: br
cdn-edgestorageid: 879
perma-cache: HIT
cdn-storageserver: DE-200
cdn-cachedat: 05/31/2022 16:22:18
cdn-pullzone: 99152
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 16:21:58 GMT
cdn-proxyver: 1.02
cdn-fileserver: 310
etag: W/"629640a6-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 1702448540fe65d4fbf655bf1dd0a112
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK i57yvi9bgc3xiejmfo5p Show response
om2.capitolcanary.com/api/v2/embed/45819/ 3 KB
2 KB 354ms
105ms XHR
application/json 104.248.111.229
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://om2.capitolcanary.com/api/v2/embed/45819/i57yvi9bgc3xiejmfo5p
Requested by: Host: om1.capitolcanary.com
URL: https://om1.capitolcanary.com/app/js/api.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.248.111.229 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Pagely Gateway/1.5.1 /
Resource Hash: 694dbae9bc1afb7159bc85a5079dc8bfd0b8d3993952f9cb5896a55597cd375e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 19:33:22 GMT
Content-Encoding: gzip
X-Cache-Config: 0 0
Access-Control-Allow-Origin: https://capitolcanary.com
X-Kong-Proxy-Latency: 0
X-Cache-Status: HIT
Transfer-Encoding: chunked
X-Kong-Upstream-Latency: 7
Connection: keep-alive
X-OptinMonster-Campaign: i57yvi9bgc3xiejmfo5p
X-User-Agent: standard--
Last-Modified: Mon, 14 Mar 2022 16:24:13 GMT
Server: Pagely Gateway/1.5.1
ETag: W/"3c74eb47666b1480ccd71e2c0a147a44"
Vary: Origin
Content-Type: application/json
Via: kong/1.3.0
Access-Control-Expose-Headers: X-OptinMonster-Campaign, X-User-Agent
Cache-Control: public, max-age=30, stale-while-revalidate=1800
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-CSRF-Token
Expires: Tue, 31 May 2022 19:29:45 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame E951 2 KB
1 KB 100ms
99ms Document
text/html 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1654025700000/fapv5tguvsk6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

943be3a302dc3b02806a3abc3a2c70b757484bb9992b4986cc1cc1f10d292eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://capitolcanary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 31 May 2022 19:33:22 GMT
etag: W/"b19a34cb483077379d7197f428632d68"
last-modified: Tue, 31 May 2022 18:51:20 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-id: GSh52JME4eDKwzaeEg00XETysabpMR1iLsjK4sszp1OQ21yDAfZfvQ==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: lwp2WdB7PBzmZyaPeyAev_RON2cb8q1g
x-cache: Hit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame B560 2 KB
1 KB 121ms
121ms Document
text/html 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1654025700000/fapv5tguvsk6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

943be3a302dc3b02806a3abc3a2c70b757484bb9992b4986cc1cc1f10d292eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://capitolcanary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 31 May 2022 19:33:22 GMT
etag: W/"b19a34cb483077379d7197f428632d68"
last-modified: Tue, 31 May 2022 18:51:20 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-id: 1T8EU_enaCmY9ZVjOJo6IudXvdqeJveXOKwxSPhUeVGrI32uxGt8Qg==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: lwp2WdB7PBzmZyaPeyAev_RON2cb8q1g
x-cache: RefreshHit from cloudfront

GET
H2 204 0
bat.bing.com/action/ 0
175 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25001832&tm=gtm002&Ver=2&mid=1542ff76-1ce2-4401-81bf-44a0e7772048&sid=882ca4f0e11811eca2fd719182b4ab32&vid=882ccaf0e11811ecb3eabd722c603da3&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&p=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&r=http%3A%2F%2Fabout2.capitolcanary.com%2F&lt=2473&evt=pageLoad&msclkid=N&sv=1&rn=319112

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F89D4C24D2B644F795496E76A2BD70B8 Ref B: FRAEDGE1314 Ref C: 2022-05-31T19:33:22Z
date: Tue, 31 May 2022 19:33:21 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HVQJW343KJAW7GWROKSEFP Show response
d.adroll.com/consent/check/ 439 B
532 B 104ms
30ms Script
application/javascript 63.34.234.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HVQJW343KJAW7GWROKSEFP?arrfrr=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&_s=5f538e44125d3080f9695b9450233d5b&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.234.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-234-143.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: c188557397a42a95fdfac35e0b20024e3816fe88321fee2c87aaa2c0b7abf0dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:22 GMT
server: nginx/1.20.0
content-length: 439
content-type: application/javascript

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 29ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=656507917815711&ev=PageView&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&rl=http%3A%2F%2Fabout2.capitolcanary.com%2F&if=false&ts=1654025602215&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654025602214.992399366&it=1654025601964&coo=false&dpo=&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 31 May 2022 19:33:22 GMT

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame 325A 2 KB
1 KB 48ms
10ms Document
text/html 18.66.139.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-574101.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-28.fra60.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://capitolcanary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 43156
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-cf-id: y46oRyudpZg-lAfLJrRgxv8lrQQuW8EbqAWvSSpaXZKRF7Am2dBRXQ==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 runtime~main.279ec64a.js Show response
js.driftt.com/core/assets/js/ Frame E951 6 KB
3 KB 7ms
6ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

78046cd6631b3017a00edaeaa997b298e5674c43d3aba9ae07a225e4acf23da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:51:20 GMT
content-encoding: gzip
age: 2522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 17:52:17 GMT
server: nginx
etag: W/"373294a50a22944cdb4722c016e64984"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3yzENfyaCAr9I0wUD7RnIvkeseRE.XUn
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8Vf2wkpmy_8EumfvLnpqBt7FQcnAUQc1c8D_29CA14ugdQ-8dwTiWg==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 58 KB
20 KB 8ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:23:24 GMT
content-encoding: gzip
age: 3352198
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: maOqxpaNnzt0tyNj0PV8pU.OmUMXI5V_
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ucrWDUcThaxYk8AJ5wvJPSzAATqTjHCGriWDh9F3smBhEzCM0YTXlA==

GET
H2 200 main~493df0b3.e4b52ccf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 6 KB
3 KB 9ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e4b52ccf.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 1128972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:08 GMT
server: nginx
etag: W/"69362f73a04491df20548a6acabbd746"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2zxmXJCeUVcrAdxDs6oDiJa7iJ7fH8N.
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yPJ4j4MiiZ5GAv4vmFvUM8OXBRca_uEnesxwrFRb1FOq78VIrxeceg==

GET
H2 200 runtime~main.279ec64a.js Show response
js.driftt.com/core/assets/js/ Frame B560 6 KB
3 KB 7ms
6ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

78046cd6631b3017a00edaeaa997b298e5674c43d3aba9ae07a225e4acf23da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:51:20 GMT
content-encoding: gzip
age: 2522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 17:52:17 GMT
server: nginx
etag: W/"373294a50a22944cdb4722c016e64984"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3yzENfyaCAr9I0wUD7RnIvkeseRE.XUn
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JsoZ-YSzcgmoXjxzzYSva_edtOcL7sKpqFg7S9-x-VPWq5jOxsiOew==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 58 KB
20 KB 7ms
7ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:23:24 GMT
content-encoding: gzip
age: 3352198
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: maOqxpaNnzt0tyNj0PV8pU.OmUMXI5V_
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pl8a1Febanz0coiHh_N45LU56oIhVS-XkBn_K5jG7P_nVxNrIzm5Tg==

GET
H2 200 main~493df0b3.e4b52ccf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 6 KB
3 KB 8ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e4b52ccf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 1128972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:08 GMT
server: nginx
etag: W/"69362f73a04491df20548a6acabbd746"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2zxmXJCeUVcrAdxDs6oDiJa7iJ7fH8N.
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BkRnwTJHk1369ulot-1EvpPJNlkoTAqd5LklHBd3N38WEdDcmM1zKQ==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 47 KB
14 KB 8ms
7ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 4394628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B5nQx62kfGixFNs6i7158XuE6Q0q4UA8
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EPu21eWnmy5fZOROV6n96qi1aLgHUKC-mlkbSZI6XUB3gUxDzdh38A==

GET
H2 200 19.c2c4ec2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 44 KB
13 KB 8ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.c2c4ec2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:26 GMT
content-encoding: gzip
age: 3099476
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"ca27a219f5babe50f6eb7c982fa61d4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GP6AWJ95Oeeek71gysVMlYSExP067DB1
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XedbFDxtAWwdglJmT2LQAe7CasRuiuV-UGbzBcgZKCTwNjabeks1ww==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 25 KB
8 KB 9ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 3352147
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FvSxSxk3dMajujTae5xHE5b3KskYo_DI
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zgzxUyC1pcBmugAaU_acLOhK7cjF91byTyATJy0P6ISsT5BiqCXp6w==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 16 KB
5 KB 9ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 3352147
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:55 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Xqq9pUZYxgzAeYN3dJ9hj4qBA9MrPFwl
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: H7Kc7Mc-H7735m8jYAyyFJ_0L8LJ3Lo1nkXEzueTO9E3dhb11ZKGNA==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 72 KB
22 KB 9ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 4901188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ilpiiyhlyh6s3iuNf.37uZlW5ugPpx91
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GNjmuFSGEo2-91htPZJcC3HF9mVhxn2XP6XNMlEQjJkXUaYqiDzFyg==

GET
H2 200 34.4825f131.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 11 KB
5 KB 10ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.4825f131.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

bcf935328b872f254a1b956b0aa6a653907ab015480080a4090813c322220ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:24:19 GMT
content-encoding: gzip
age: 367743
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 19:30:06 GMT
server: nginx
etag: W/"b7eb750a2537cbe3b711904b767cfc8e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1Q8Tn3bLtqIW1U1a6zoXf15.CuFwocex
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s4jqygPyqNwk14HpwD8svy2f2WBbeEd6RMsh-Fh8qaxQCr-5bO5DMg==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 59 KB
19 KB 13ms
12ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 02 May 2022 14:59:10 GMT
content-encoding: gzip
age: 2522052
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:48 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RPweXmXVexEpGKV7.j7SNDhIA2.BhvsS
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gJz1yAXs9m6eni6xmqrXOV3bqqaVH-wcWYJWRjE2FCsRKTrosmuAIA==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 91 KB
28 KB 13ms
12ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5570956
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:35 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IO06C9jhzvCi9VImuydD04sGtIPTZ6T.
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pdxPQO7SkxKVqdpKnocpptjtwAz8-_BPxEoxh4Kc7Z7nGkZPHUCEBg==

GET
H2 200 10.b73b895d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 23 KB
7 KB 14ms
14ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.b73b895d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 12 May 2022 17:56:16 GMT
content-encoding: gzip
age: 1647426
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 17:28:59 GMT
server: nginx
etag: W/"5c6cb58ced9f55b696578307366a68ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 42s0ZS8AeOMe_PH.Rce3w4xkhbhmKcpn
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dYplaocyfFNHmkh5AT-5z9SoP6Cp2jFScGcmOfSauAwnQeQ3127qDA==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 62 KB
20 KB 14ms
14ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 12713981
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gpeQc-vYAEVX7B9A_BaVcOZXaYRGd4NE04cBzVKFHrewAQOXZXLyLw==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 105 KB
34 KB 15ms
14ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 4394628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mxBFWZx1wZ1xN.1nj_wZKtLvuDeu4lk_
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SsjHQvoT2qdY6LgvYPWu06S4L08XBlc5DuVYN7lPMTGDpfOFCV8T4Q==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 12 KB
4 KB 16ms
16ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 3352147
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: muy.29k3ZOCYL.f1.WJ4kYW4R838qdz9
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4FVYX-42d1nqO7laJe1lIqRzwiSMx7gKheNpnbD2cL3dnqv6nCV-3A==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 12 KB
5 KB 16ms
16ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:29 GMT
content-encoding: gzip
age: 1793753
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:07 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MO8K1XLcpyKTcr47NxMT13FlZAc1WFj1
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TZNc642HPwaPO4_FXniVeImB9KXnr66P5225_X2ngeJOXkHQo1hFaw==

GET
H2 200 18.3ca2a055.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 17 KB
7 KB 17ms
17ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.3ca2a055.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 1128972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"4cfccba39f0ab35f70bc772f1d0eb4c2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AOsH7T1Yo.NhD3RTtLUBAEdTLdlQFzkv
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0KRKODQHdbZGI2tL0-KEEgNZ2S6rtLDnWNreYswzGvfnpGwsaZbieA==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame E951 11 KB
3 KB 17ms
17ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5570956
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8ZsEKgx7NBbOWsOo7y482B7LIK3_mShC
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CzQ4FXsUy7307PotGzTF3O-4zPD97cgmnPW0zUQ7RpGxO3s_Cg5CAQ==

GET
H2 200 8.5fbd69d8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 70 KB
22 KB 17ms
17ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.5fbd69d8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

946e4dd225b51376533446d20da312e3a25554fba768e0e06f8da5d2b8d80036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 520259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:59 GMT
server: nginx
etag: W/"cd43284d05406552f494bbd44734ee0c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XsFmR2GAc1_QnHVkrdDFEKicPq3qlHBV
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q8v4ieGALle617kOl5WjhLsKGx2YeGacBBkNGGPBiKIoDgvWHoWElA==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame E951 24 B
667 B 18ms
18ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:59:02 GMT
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age: 1247660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Mon, 16 May 2022 20:01:16 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8PCeggsyXJIhPIB1SMCvsnx0TGc8spWk
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rsFGImBIopD2MswZ5gcIS0OUh061pidHXTzqgDWXUZbCBDdkgQ8JFw==

GET
H2 200 15.9a7b783c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 78 KB
20 KB 18ms
18ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.9a7b783c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

0157ac2ffc801dbd94534b6c3bae2999697912e970c8281d7c7d736f00a597cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 520259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"36f679f36770acf3a24e07795d54926d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PCpq1M7KNBx.60DMcPGYQas..FYGHvAh
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XbM7aqeQrprdmiP3n-aerHFaqsapDAlJtw5qJ5znvtJUMcEj8Yljdg==

GET
H2 200 22.6f487465.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 47 KB
13 KB 19ms
18ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6f487465.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

09f9370d4f6c68191a996dc948f16e1b1f6d3a417e34b907c778c7d82b8718a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 520259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"e07a6f8e3170641ee90cd70e1515d1cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: E.s_VR33a7iHVinnc1SG22v5OxH76qwY
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fd6Rr-1s83XbGORfbATTeFUwj8u1ZJXn9VmAPBEfTkXemeTYerc8Lg==

GET
H2 200 13.04ce772f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 40 KB
13 KB 19ms
19ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.04ce772f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9d9d970a77e6fc456e0e58bccd8be08a20e845a78b78b991360efcfa38b45138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:51:20 GMT
content-encoding: gzip
age: 2522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 17:52:15 GMT
server: nginx
etag: W/"cc11fc0a15691c35230a8ae5bb34c1ee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WtaWFP3giy.RVH2Ty_4cSLPnW8tyIueS
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q3Ishebz4VNUNwjytq-SjeOX9ZQVkTxDynLLPnF5_XPMIMZtBb8Kmg==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 47 KB
14 KB 12ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 4394628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B5nQx62kfGixFNs6i7158XuE6Q0q4UA8
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WdoPP2UTcD_yeiBVpjqXXRsZVfn2UdtGBpnHYyKgSrVsjCbWESFWgQ==

GET
H2 200 19.c2c4ec2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 44 KB
13 KB 12ms
7ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.c2c4ec2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:26 GMT
content-encoding: gzip
age: 3099476
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"ca27a219f5babe50f6eb7c982fa61d4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GP6AWJ95Oeeek71gysVMlYSExP067DB1
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CAsPpldTk9ZaQRTrYWYuTOSI_P_nuVq85UjmNl6KIPXVnIDkBWf45g==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 25 KB
8 KB 13ms
7ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 3352147
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FvSxSxk3dMajujTae5xHE5b3KskYo_DI
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qwFsk_yFmlU-A7euf_fQamr4ncILjJVrkyDgnE0l5tFC-e7hQtO9hA==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 16 KB
5 KB 13ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 3352147
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:55 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Xqq9pUZYxgzAeYN3dJ9hj4qBA9MrPFwl
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MmOkx_RryGp0QvrwqLpUCpYMTOFaXCkC33Oz3TzrzJ0nrqVybyBf9g==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 72 KB
22 KB 14ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 4901188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ilpiiyhlyh6s3iuNf.37uZlW5ugPpx91
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8kLPHd9wS2ourXauD2gLr1PW-70iIlLyk0xslynxLmWTd7W7hPKN-Q==

GET
H2 200 34.4825f131.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 11 KB
5 KB 14ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.4825f131.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

bcf935328b872f254a1b956b0aa6a653907ab015480080a4090813c322220ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:24:19 GMT
content-encoding: gzip
age: 367743
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 19:30:06 GMT
server: nginx
etag: W/"b7eb750a2537cbe3b711904b767cfc8e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1Q8Tn3bLtqIW1U1a6zoXf15.CuFwocex
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MYM2qVrM6ERucUKs3t6k46c6xA8Siksb1IFuix85taJzX83Ve7Hmvw==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 59 KB
19 KB 14ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 02 May 2022 14:59:10 GMT
content-encoding: gzip
age: 2522052
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:48 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RPweXmXVexEpGKV7.j7SNDhIA2.BhvsS
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ef7N40yXzLuhn4OusZ02karP_9eBUX9p4JsbsKqUoPkahzTyQXdzpQ==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 91 KB
28 KB 15ms
10ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5570956
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:35 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IO06C9jhzvCi9VImuydD04sGtIPTZ6T.
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zm5OAbj4ahrVoaFd_643bqflUTj2mKvHZzBemW9kN766S0GNS0Esag==

GET
H2 200 10.b73b895d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 23 KB
7 KB 16ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.b73b895d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 12 May 2022 17:56:16 GMT
content-encoding: gzip
age: 1647426
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 17:28:59 GMT
server: nginx
etag: W/"5c6cb58ced9f55b696578307366a68ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 42s0ZS8AeOMe_PH.Rce3w4xkhbhmKcpn
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: H8l0AVAlrHecNJFRpy4lGvq823PN4YfoItrVNRcH7Hj2AehMUtfa4A==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 62 KB
20 KB 16ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 12713981
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qfgR3ZGMs0VP6nZPFhcLmWjSk2_dwetFdEabqQVe9tMSZzoxtPd5AA==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 105 KB
34 KB 17ms
10ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 4394628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mxBFWZx1wZ1xN.1nj_wZKtLvuDeu4lk_
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QwtYFdAGvTl3NYGhvfUC6rhLQ9fABQgsvX5yvivHS65PkocYPImQLQ==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 12 KB
4 KB 18ms
11ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 3352147
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: muy.29k3ZOCYL.f1.WJ4kYW4R838qdz9
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iL-Mql2ldh9ncKWk3r7sXu19YWnd7__xo1oidabgieQq0ftZWRFNAA==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 12 KB
5 KB 18ms
11ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:29 GMT
content-encoding: gzip
age: 1793753
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:07 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MO8K1XLcpyKTcr47NxMT13FlZAc1WFj1
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: biVgAcP--ancZX0z3ryuCcziewHlp4awYWZb3Thts5Jk-NCB_2IaXA==

GET
H2 200 18.3ca2a055.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 17 KB
7 KB 19ms
12ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.3ca2a055.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 1128972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"4cfccba39f0ab35f70bc772f1d0eb4c2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AOsH7T1Yo.NhD3RTtLUBAEdTLdlQFzkv
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: evUFHaZbw3NsOy-j_usrUxRcOqpf3EBaswz0s_81TlzBCzwwiJpUBQ==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame B560 11 KB
3 KB 19ms
10ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5570956
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8ZsEKgx7NBbOWsOo7y482B7LIK3_mShC
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZZh96l-zB-BaVJL1qBeQQGHbFUIHlgdvev-UaA06WqMDGWVLfdfFVA==

GET
H2 200 8.5fbd69d8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 70 KB
22 KB 19ms
11ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.5fbd69d8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

946e4dd225b51376533446d20da312e3a25554fba768e0e06f8da5d2b8d80036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 520259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:59 GMT
server: nginx
etag: W/"cd43284d05406552f494bbd44734ee0c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XsFmR2GAc1_QnHVkrdDFEKicPq3qlHBV
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oCOZfLBtqnTdGdxKqvzQSpVe0bA-WO7lSyCFwlAWdoyBYFNdolvr2Q==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame B560 24 B
667 B 19ms
10ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:59:02 GMT
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age: 1247660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Mon, 16 May 2022 20:01:16 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8PCeggsyXJIhPIB1SMCvsnx0TGc8spWk
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eDFkT09EiM4ihlM3JbY9XEWkS-q9rRF-Hs3wjwXbYQJ46SZTc9BzLA==

GET
H2 200 15.9a7b783c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 78 KB
20 KB 22ms
14ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.9a7b783c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

0157ac2ffc801dbd94534b6c3bae2999697912e970c8281d7c7d736f00a597cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 520259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"36f679f36770acf3a24e07795d54926d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PCpq1M7KNBx.60DMcPGYQas..FYGHvAh
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ffshX1sUwmghcK-KEGeFTf79Zxnm6R1syo10iHFf_kqNDS9EZzFSKQ==

GET
H2 200 22.6f487465.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 47 KB
13 KB 22ms
15ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6f487465.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

09f9370d4f6c68191a996dc948f16e1b1f6d3a417e34b907c778c7d82b8718a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 520259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"e07a6f8e3170641ee90cd70e1515d1cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: E.s_VR33a7iHVinnc1SG22v5OxH76qwY
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8g3DicBjgIcydlIZgo6Mj4Dv6AF1NDC-0CqdKP93Lkza3M-LlHwUbQ==

GET
H2 200 13.04ce772f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 40 KB
13 KB 22ms
14ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.04ce772f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9d9d970a77e6fc456e0e58bccd8be08a20e845a78b78b991360efcfa38b45138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:51:20 GMT
content-encoding: gzip
age: 2522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 17:52:15 GMT
server: nginx
etag: W/"cc11fc0a15691c35230a8ae5bb34c1ee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WtaWFP3giy.RVH2Ty_4cSLPnW8tyIueS
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: icEvU7EjvEKQB_tr7fBcHt--a5C5iKsjRhHCMhMg-lRh69rnc4VSmw==

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 410 KB
55 KB 14ms
9ms Script
application/javascript 2600:9000:225e:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: 44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding: gzip
Etag: W/"0a7d0ea8d7d31b07e925fe340acf431b"
Age: 50
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
Last-Modified: Wed, 04 May 2022 19:41:48 GMT
Server: AmazonS3
Date: Tue, 31 May 2022 19:32:45 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 4wNw2ICA6ZN-s1SBNKxYpA6B_h_n65EB4riV3nvQyIa917pBeVYgmA==

POST
H2 204 collect Show response
www.clarity.ms/eus2-f/ 0
178 B 98ms
98ms XHR
text/plain 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-f/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://capitolcanary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://capitolcanary.com
date: Tue, 31 May 2022 19:33:22 GMT
access-control-allow-credentials: true
x-powered-by: ASP.NET
x-azure-ref: 0gm2WYgAAAAA5YDkzh+5gRLlCqVrrYu9STFRTRURHRTEzMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 9 KB
3 KB 7ms
6ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:34 GMT
content-encoding: gzip
age: 1793748
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:05 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: R58GC9JKCFqRYH8PW35ajAhO8b2ao9Fj
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7jPaGpYCRn0xNXiCUqH6WH2-kMZMPYOJSREdkdcJ6mFpRAdsGyj0aQ==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 33 KB
10 KB 7ms
7ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 4915256
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dJ6wMYR.EkVgKolqllYLjIlhrPfZzaVa
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0NEU8o4wnU79sYSP8x8sQtREqYk-U-YRfU0Ownh9ywFVSZp48hSGNw==

GET
H2 200 25.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame E951 8 KB
2 KB 8ms
8ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 02 May 2022 15:03:47 GMT
content-encoding: gzip
age: 2521775
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:46 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 04aQHx2ofXtXe_tgJCUmZiRKP7xQdJel
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MK7EO1SFyQJNGFUF5nChl1_PkbXg9CxviqcIKZLKs9O4-5BTUSHYjA==

GET
H2 200 25.b36a979b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 12 KB
5 KB 8ms
8ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.b36a979b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9a5c3883eada0e4577732081b0979554f9c24570ec71bd766e9a2658e7703603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 520259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"bb1fc605abd6c0ba2c1eb7021ba58d04"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SjE9cVAK33cTH9HWQZWwr9_vpF1Vn6tr
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SxpabD3pRDNd2DHVTkt5-loUZjjTZFpcjMCgAL4aoILnkfNJDQfepA==

GET
H2 200 17.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame E951 365 B
1007 B 8ms
8ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age: 1128972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Wed, 18 May 2022 17:52:03 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8PhpnUwCKVw_tmw5w1.GT3kRVBeTcpzl
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: anvk9q4tmCuPOUur5gEe1b7Qr7IvvaNWFBJrLrh-wJ9ecNgsHJ2dNg==

GET
H2 200 17.027d927e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E951 86 KB
24 KB 9ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.027d927e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ece60a396d929c226ee0d4944ecaef3729868828757792971606552f428a3d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=fapv5tguvsk6&region=US&forceShow=false&skipCampaigns=false&sessionId=ea27a20f-55e1-44ec-be51-a19a126ddd75&sessionStarted=1654025602.156&campaignRefreshToken=a0e27a79-b693-4acf-9cdd-48a198dccaf7&hideController=false&pageLoadStartTime=1654025600958&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:24:19 GMT
content-encoding: gzip
age: 367743
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 19:30:05 GMT
server: nginx
etag: W/"0acdec75866877b24270204115232f7e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: aiPDEm4D2Bkf2mxAPrgY6z1WDhotyEvB
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n1O1xCdcUy6CERuw4Kcma7reXgW1ug29tXnnZJXVIIStjNae2GIoKA==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 8ms
8ms Image
image/png 2600:9000:225e:4800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: capitolcanary.com
URL: https://capitolcanary.com/fake-page?mkt_tok=NDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Age: 37641
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Date: Tue, 31 May 2022 09:06:02 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 8KaOIWbpOxBe8VSWW2U5I6TVN2ywqfxsvF5MdVif2kwxQIFueryTQQ==

GET
H2 200 forms2.css
app-sj20.marketo.com/js/forms2/css/ 13 KB
3 KB 39ms
38ms Stylesheet
text/css 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5214
content-length: 2623
last-modified: Tue, 03 May 2022 03:46:42 GMT
server: cloudflare
etag: "74039a-3437-5de135b5b2c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7142240f5a129be0-FRA
expires: Tue, 31 May 2022 23:33:22 GMT

GET
H2 200 forms2-theme-simple.css
app-sj20.marketo.com/js/forms2/css/ 826 B
380 B 22ms
21ms Stylesheet
text/css 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5214
vary: Accept-Encoding
content-length: 242
last-modified: Tue, 03 May 2022 03:46:42 GMT
server: cloudflare
etag: "dc0386-33a-5de135b5b2c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7142240f5a149be0-FRA
expires: Tue, 31 May 2022 23:33:22 GMT

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame B560 3 KB
1 KB 6ms
6ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:16 GMT
content-encoding: gzip
age: 3352146
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:53 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zafhXzyL2Oqiwkpju.1_.RysXhnH6Str
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YybprKDxLzAvJeP3_5LlIKdNGrAGajPT50YjK1tiV8RGQ1lsv3BbVw==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 3 KB
2 KB 7ms
6ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 21 May 2022 02:03:42 GMT
content-encoding: gzip
age: 926980
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 20 May 2022 18:01:28 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4EWTvHeOdhIntYjosic7AFXOX_tcgSBK
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: t7QL4KKR3G4dmX4uytnH0NB65j51XZ-N1HflFY7rbQZWuMBemA0GiQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 9 KB
3 KB 8ms
7ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:34 GMT
content-encoding: gzip
age: 1793748
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:05 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: R58GC9JKCFqRYH8PW35ajAhO8b2ao9Fj
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Rne_tEdxvCB3gKBWwWoa29d8k107oCtydMLjQidfPdm2n1t2FEolPg==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame B560 7 KB
2 KB 8ms
7ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:55:13 GMT
content-encoding: gzip
age: 1013889
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:03 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EYaActPVD3Au4y9ezb93snVitJpekZ.W
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qAQwNjFoCmgZTDUTUW-rZ18hnVQIiu6sRGNeIrpPPutxTz1ogGJ_-Q==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 54 KB
16 KB 9ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 17 May 2022 03:24:13 GMT
content-encoding: gzip
age: 1267749
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 16 May 2022 20:01:18 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NnvRo1dj8UXgly2rlBFaRZ5_pxX2rVSN
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Us84i5DOyo5HTf20rNHT1Ji-zPHYOwHFDkhUX3jbByX8KA9DL8_MwA==

GET
H2 200 1.e5dfd51a.chunk.css
js.driftt.com/core/assets/css/ Frame B560 43 KB
7 KB 8ms
8ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e5dfd51a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 02 May 2022 15:02:23 GMT
content-encoding: gzip
age: 2521859
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:46 GMT
server: nginx
etag: W/"2c40725f3e291f40133c5dd42e2d2809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NDVBsNLgITAyanG2chz6_hhZC25SbNrt
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o7dAht2phrd-33E8vAfPNk1ta17q7znOn38dA_ujPPMeOSMGCEk15Q==

GET
H2 200 1.f298ec7a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 73 KB
25 KB 10ms
9ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.f298ec7a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

be288a41ffdf2321d64b08c841c0bca688111ccd5391b07d1ed945696d08a143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:24:19 GMT
content-encoding: gzip
age: 367743
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 19:30:04 GMT
server: nginx
etag: W/"d1a9c9ea5357be9b463d43c3d40b1a21"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gSWr7DGPKjOvUOObAOXMn_SedMUUGNba
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Q6f9MVNML9BklfU9b5EDXJ7pgiK664lWPWc5uHNv4nZmYEYpSQAJXg==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame B560 12 KB
3 KB 9ms
8ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 19 May 2022 22:53:21 GMT
content-encoding: gzip
age: 1024801
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:04 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1lpzVvOGjxttW0f_QbstumkkNbSGGIAD
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VoyN8uR8fG14oc7y9imBBV_XiY3nktRep7hdg9I5HxEEuodHNF9QxQ==

GET
H2 200 30.b309d6ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B560 11 KB
5 KB 10ms
10ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.b309d6ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.279ec64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

2d0cdd09c5006ed29290e45afc7c2cd37751bb446e99fc5767252b5f0111be59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654025600958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 520259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"7dd277950241bcebd0bdbbb7d9cdab6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hKJsDkMxRQ0R_AMuTupCkkz.ZnAAlr5B
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dulZANTMcj_5wnHJ1BHNEh5VEdQI3hLSBCtLEaNXRNf7zI4OwRM8ww==

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
444 B 98ms
97ms XHR
text/plain 3.224.78.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=rudbwtV5Hy_XalBAJdV4nQ&is_js=true&landing_url=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&t=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&tip=Ck7BYM_QSS3un_UT3T00JkyNfRqS6b3FoMft62huTL8&host=https://capitolcanary.com&sa_conv_data_css_value=%20%220-6c6ba571-594f-49c6-6988-3633a0b2499d%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9298261eaa8a843134c9d27f90ca1d6dad9409720&sa-user-id-v2=s%253A0-6c6ba571-594f-49c6-6988-3633a0b2499d%2524ip%2524217.64.151.32.CG%252FvKTVYTeiO9ycezpgG1Gfn6oPd1b%252Bc1nlCDq9VoEU&sa-user-id=s%253A0-6c6ba571-594f-49c6-6988-3633a0b2499d.t%252FKYIGPp4jUHI70kTGOi4ACPcwC2Q2hpthFiXe0VK2k
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.78.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-78-34.compute-1.amazonaws.com
Software: /
Resource Hash: 250a093f7e99e4da00e86ea8ab8301c6dd652d8a47c519e3d8f37644807ff549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 19:33:22 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://capitolcanary.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 138

GET
H2 200 webfont.js Show response
om1.capitolcanary.com/app/js/webfont/1.5.18/ 16 KB
7 KB 18ms
18ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://om1.capitolcanary.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: om1.capitolcanary.com
URL: https://om1.capitolcanary.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:22 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: HIT
cdn-storageserver: DE-198
cdn-cachedat: 05/26/2022 01:19:17
cdn-pullzone: 99152
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Wed, 20 Apr 2022 21:49:22 GMT
cdn-proxyver: 1.02
cdn-fileserver: 339
etag: W/"62607fe2-40cb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 983a08fb696b96d142a5e74c0f398628
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 338ms
104ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 31 May 2022 19:33:22 GMT
requestid: driftcebcb0a43109ea95356ce434151
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame E951 25 B
122 B 115ms
112ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 May 2022 19:33:22 GMT
server: istio-envoy
requestid: eaea80bdc5593fc0
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame E951 147 B
245 B 102ms
102ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

8c4c71b0169b02ae8c5a0ba34b1acccfe2c52589f2ab3457edce9db2c7b53f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 May 2022 19:33:22 GMT
server: istio-envoy
requestid: 8685f524b4e2d2c3
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 343ms
101ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 31 May 2022 19:33:22 GMT
requestid: driftefa5d5b4ef880995f7c822b881b
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H2 200 XDFrame Show response
app-sj20.marketo.com/index.php/form/ Frame C42F 2 KB
894 B 640ms
640ms Document
text/html 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/index.php/form/XDFrame

Requested by

Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c89a8bee77d21587af1a9e0dcd26a779b62436084eaf136c354ff1bf39f2c280

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://capitolcanary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 714224104c519be0-FRA
content-encoding: gzip
content-length: 651
content-type: text/html; charset=utf-8
date: Tue, 31 May 2022 19:33:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=63113904
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 3FE4 0
18 B 15ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://capitolcanary.com
Referer: https://capitolcanary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://capitolcanary.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 19:33:22 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 collect Show response
www.clarity.ms/eus2-f/ 0
132 B 134ms
134ms XHR
text/plain 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-f/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://capitolcanary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://capitolcanary.com
date: Tue, 31 May 2022 19:33:22 GMT
access-control-allow-credentials: true
x-powered-by: ASP.NET
x-azure-ref: 0gm2WYgAAAABSm4mEQfKBS4D2O+n2XcoWTFRTRURHRTEzMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 forms2.min.js Show response
app-sj20.marketo.com/js/forms2/js/ Frame C42F 205 KB
68 KB 24ms
24ms Script
application/x-javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj20.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: app-sj20.marketo.com
URL: https://app-sj20.marketo.com/index.php/form/XDFrame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app-sj20.marketo.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 03:46:42 GMT
server: cloudflare
age: 5215
etag: "74039e-3326e-5de135b5b2c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 714224145e7e9be0-FRA
expires: Tue, 31 May 2022 23:33:23 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=79CB49F9464C49ED9B5FB7F823B3331B&RedC=c.clarity.ms&MXFR=2DAACC5F4F4E657C3760DDEA4B4E6B40
https://c.clarity.ms/c.gif?CtsSyncId=79CB49F9464C49ED9B5FB7F823B3331B&MUID=09D3ECD875AB6C053E9EFD6D74796D4A

42 B
370 B

28ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=79CB49F9464C49ED9B5FB7F823B3331B&MUID=09D3ECD875AB6C053E9EFD6D74796D4A
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:23 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 10C6138B2C8244F282913D11D39421C3 Ref B: FRAEDGE1314 Ref C: 2022-05-31T19:33:23Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=79CB49F9464C49ED9B5FB7F823B3331B&MUID=09D3ECD875AB6C053E9EFD6D74796D4A
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 3327 0
182 B 104ms
31ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=owmpeom&ref=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&upid=21br8ux&upv=1.1.0&gdpr=1&gdpr_consent=null
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://capitolcanary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 31 May 2022 19:33:23 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 5A0D 0
181 B 149ms
87ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=owmpeom&ref=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&upid=21br8ux&upv=1.1.0&gdpr=1&gdpr_consent=null&ret=845
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://capitolcanary.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 31 May 2022 19:33:23 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
9ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=884235421&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&ul=en-us&de=UTF-8&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25&el=%2Ffake-page&_u=aADAAEABQAAAAC~&jid=&gjid=&cid=1381390287.1654025602&tid=UA-33465110-1&_gid=919429356.1654025602&gtm=2wg5p1TS9B9K9&z=2054870515

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 07:20:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43945
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
9ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=884235421&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&ul=en-us&de=UTF-8&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=50&el=%2Ffake-page&_u=aADAAEABQAAAAC~&jid=&gjid=&cid=1381390287.1654025602&tid=UA-33465110-1&_gid=919429356.1654025602&gtm=2wg5p1TS9B9K9&z=1693041060

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 07:20:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43945
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame E951 25 B
88 B 114ms
114ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 May 2022 19:33:24 GMT
server: istio-envoy
requestid: fc84b9e583c2128a
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 102ms
101ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 31 May 2022 19:33:24 GMT
requestid: drift48dcfa146ff89eb71e2235fe1dd
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 204 collect Show response
www.clarity.ms/eus2-f/ 0
131 B 99ms
99ms XHR
text/plain 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-f/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://capitolcanary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://capitolcanary.com
date: Tue, 31 May 2022 19:33:24 GMT
access-control-allow-credentials: true
x-powered-by: ASP.NET
x-azure-ref: 0hW2WYgAAAAAE7QhD8LuQQ6obanTvMF2fTFRTRURHRTEzMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H3 200 css
fonts.googleapis.com/ 8 KB
777 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500%7COpen+Sans:600,400

Requested by

Host: om1.capitolcanary.com
URL: https://om1.capitolcanary.com/app/js/webfont/1.5.18/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f5804383319c066f76d0e0ec1c1d1c0ba4c4e200cebc9ba15eefd0aa4eb0c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 19:33:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 19:33:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 19:33:25 GMT

GET
H2 200 font-awesome.css
om1.capitolcanary.com/app/js/font-awesome/4.7.0/css/ 37 KB
8 KB 13ms
13ms Stylesheet
text/css 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://om1.capitolcanary.com/app/js/font-awesome/4.7.0/css/font-awesome.css
Requested by: Host: om1.capitolcanary.com
URL: https://om1.capitolcanary.com/app/js/webfont/1.5.18/webfont.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:25 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: HIT
cdn-storageserver: DE-197
cdn-cachedat: 05/26/2022 01:24:05
cdn-pullzone: 99152
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Wed, 20 Apr 2022 21:49:28 GMT
cdn-proxyver: 1.02
cdn-fileserver: 333
etag: W/"62607fe8-9226"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: baf0271960a2d6f6116a9ef30c6b44a1
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
30 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500%7COpen+Sans:600,400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:07:05 GMT
x-content-type-options: nosniff
age: 8780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:07:05 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 15ms
10ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500%7COpen+Sans:600,400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 72076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 23:32:09 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 17ms
12ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500%7COpen+Sans:600,400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 72076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 23:32:09 GMT

GET
H2 200 421558cba642fbc16013e5473883cdd8-optin.json Show response
om1.capitolcanary.com/app/campaign-views/5c366117de21/i57yvi9bgc3xiejmfo5p/ 26 KB
6 KB 45ms
16ms XHR
application/json 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://om1.capitolcanary.com/app/campaign-views/5c366117de21/i57yvi9bgc3xiejmfo5p/421558cba642fbc16013e5473883cdd8-optin.json
Requested by: Host: om1.capitolcanary.com
URL: https://om1.capitolcanary.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: b528a98a8c76da4d079b97faaab267f4b0d206ef42e5d638268da701df4a0592

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:26 GMT
content-encoding: br
cdn-edgestorageid: 459
perma-cache: HIT
cdn-storageserver: DE-169
cdn-cachedat: 05/27/2022 11:11:26
cdn-pullzone: 99152
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Wed, 06 Apr 2022 16:48:45 GMT
cdn-proxyver: 1.02
cdn-fileserver: 269
etag: W/"624dc46d-6890"
vary: Accept-Encoding
content-type: application/json
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: d91526dd9cc5d352371d1abb9335e570
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fontawesome-webfont.woff2
om1.capitolcanary.com/app/js/font-awesome/4.7.0/fonts/ 75 KB
76 KB 18ms
18ms Font
binary/octet-stream 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://om1.capitolcanary.com/app/js/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: om1.capitolcanary.com
URL: https://om1.capitolcanary.com/app/js/font-awesome/4.7.0/css/font-awesome.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://om1.capitolcanary.com/app/js/font-awesome/4.7.0/css/font-awesome.css
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 19:33:26 GMT
cdn-edgestorageid: 879
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 05/26/2022 01:50:06
cdn-pullzone: 99152
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 77160
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Wed, 20 Apr 2022 21:49:28 GMT
cdn-proxyver: 1.02
cdn-fileserver: 333
etag: "62607fe8-12d68"
content-type: binary/octet-stream
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestpullcode: 200
cdn-requestid: 4822265b4de0bfb8ff81e2715de36f0b
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
30 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500%7COpen+Sans:600,400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://capitolcanary.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:07:05 GMT
x-content-type-options: nosniff
age: 8781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:07:05 GMT

GET
H/1.1 204
No Content i Show response
om2.capitolcanary.com/z/v3/ 0
291 B 293ms
292ms XHR
text/plain 104.248.111.229
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://om2.capitolcanary.com/z/v3/i?aid=45819&cid=i57yvi9bgc3xiejmfo5p&sid=61e83b5533489&rt=false&dv=desktop&cty=floating&url=fake-page&v=5
Requested by: Host: om1.capitolcanary.com
URL: https://om1.capitolcanary.com/app/js/api.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.248.111.229 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: kong/0.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 19:33:26 GMT
Via: kong/1.3.0
Server: kong/0.14.1
X-Kong-Proxy-Latency: 1
Vary: Origin
Access-Control-Allow-Origin: https://capitolcanary.com
X-Kong-Upstream-Latency: 197
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 15ms
14ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-80CPFVSEDB&gtm=2oe5p1&_p=884235421&_z=ccd.tdB&cid=1381390287.1654025602&gdid=dZTNiMT&ul=en-us&sr=1600x1200&_s=2&sid=1654025601&sct=1&seg=0&dl=https%3A%2F%2Fcapitolcanary.com%2Ffake-page%3Fmkt_tok%3DNDg2LVZLSS00OTQAAAGEuln0NafHUweVMtos3uQzBSvpBFdNlfYGaUaVMvUw14d8oPi99j_7nwNlBVuAGKKRobLtk66b36a19mN-wbeGgfbVyu5-9-eaWBDPvHixhg&dr=http%3A%2F%2Fabout2.capitolcanary.com%2F&dt=FP%20Win%20with%20Capitol%20Canary%20-%20Capitol%20Canary&en=scroll&_et=85&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80CPFVSEDB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capitolcanary.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 19:33:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://capitolcanary.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame E951 25 B
85 B 101ms
101ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 May 2022 19:33:27 GMT
server: istio-envoy
requestid: e6c292933af07673
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 100ms
100ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 31 May 2022 19:33:27 GMT
requestid: drift2b4ff174550b5dc511c309963f9
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 204 collect Show response
www.clarity.ms/eus2-f/ 0
133 B 102ms
101ms XHR
text/plain 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-f/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://capitolcanary.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://capitolcanary.com
date: Tue, 31 May 2022 19:33:28 GMT
access-control-allow-credentials: true
x-powered-by: ASP.NET
x-azure-ref: 0iG2WYgAAAAAFTBH4BnZfQZkPIo+BiIOCTFRTRURHRTEzMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
about2.capitolcanary.com/	1969-12-31 23:59:59	Name: BIGipServersj_mailtracking_http Value: !h5N8kw2qA3KfM0nMZROflEEG2tCikkxTZiVkOqTxutlbhfb+nNs9WSr7DnXtfRF2I493+pIqnDY6xoE=
.capitolcanary.com/	1970-01-20 05:38:24	Name: _gaexp Value: GAX1.2.ULaZhAx5S3GCynYEzv5gtg.19235.1
.capitolcanary.com/	1970-01-20 20:58:17	Name: _ga_MR1REW8MSK Value: GS1.1.1654025601.1.0.1654025601.60
.capitolcanary.com/	1970-01-20 05:36:41	Name: _gcl_au Value: 1.1.998864057.1654025602
.capitolcanary.com/	1970-01-20 20:58:17	Name: _mkto_trk Value: id:486-VKI-494&token:_mch-capitolcanary.com-1654025601801-67506
.capitolcanary.com/	1970-01-20 20:58:17	Name: _ga_80CPFVSEDB Value: GS1.1.1654025601.1.0.1654025601.60
.bing.com/	1970-01-20 12:48:41	Name: MUID Value: 09D3ECD875AB6C053E9EFD6D74796D4A
.ws.zoominfo.com/	1970-01-20 12:12:41	Name: visitorId Value: 6a7585da1564a53ea8cecf4d4044c6976fb667c694b49936c5f0dee4f74283e7
.app-sj20.marketo.com/	1970-01-20 03:27:07	Name: __cf_bm Value: qgaHNqKRJSzq5i6pTWvW2bX81NmVZAArctVLs4YWlPI-1654025601-0-AZVlvP2mA96/hf+izxoqMjfDo37ZsUFVMmOTCDBpGsEMGZCg/ay/zf2Q9Z94+L3UhWyRHn+Y4bUrissc1e96jSY=
.capitolcanary.com/	1970-01-20 20:58:17	Name: _ga Value: GA1.2.1381390287.1654025602
.capitolcanary.com/	1970-01-20 03:28:32	Name: _gid Value: GA1.2.919429356.1654025602
.capitolcanary.com/	1970-01-20 03:27:05	Name: _gat_UA-33465110-1 Value: 1
tracking.g2crowd.com/	1970-01-20 03:47:15	Name: _session_id Value: 969f2fb4ebb65e2cbdce9e7e98c39d09
.g2crowd.com/	1970-01-20 03:27:07	Name: __cf_bm Value: uPZaoyahoD9s894jsIMrbwpdEKNzacMS6RlP0.Pxq0Y-1654025602-0-ARD2M8buXKM0/YacCnBNcq8UQjFJqF5bXN96m9yVwaOwbGc2dNd/uwSESqLr5m8mpTcojl1r0+Jx7Inq5uqPTR0=
www.clarity.ms/	1970-01-20 12:12:41	Name: CLID Value: 76bc764331194e6f8a0f2ec3994c14cd.20220531.20230531
tags.srv.stackadapt.com/	1970-01-20 12:12:41	Name: sa-user-id Value: s%3A0-6c6ba571-594f-49c6-6988-3633a0b2499d.t%2FKYIGPp4jUHI70kTGOi4ACPcwC2Q2hpthFiXe0VK2k
.srv.stackadapt.com/	1970-01-20 12:12:41	Name: sa-user-id-v2 Value: s%3AbGulcVlPScZpiDYzoLJJndlAlyA.3Y17Dp9r%2Fiigg4im4gajrOiRVZ%2BHIlc%2FV%2BBPkN6tPI4
.doubleclick.net/	1970-01-20 03:27:06	Name: test_cookie Value: CheckForPermission
capitolcanary.com/	1970-01-20 12:12:41	Name: sa-user-id Value: s%253A0-6c6ba571-594f-49c6-6988-3633a0b2499d.t%252FKYIGPp4jUHI70kTGOi4ACPcwC2Q2hpthFiXe0VK2k
capitolcanary.com/	1970-01-20 12:12:41	Name: sa-user-id-v2 Value: s%253A0-6c6ba571-594f-49c6-6988-3633a0b2499d%2524ip%2524217.64.151.32.CG%252FvKTVYTeiO9ycezpgG1Gfn6oPd1b%252Bc1nlCDq9VoEU
.linkedin.com/	1970-01-20 04:10:17	Name: UserMatchHistory Value: AQKRyEhZXs7gcgAAAYEbm8QELkLtnY1gS_4yG35gBnJPJ36pQE9kDiYjQ85TtYlVLSQDWc0MKkoDWA
.linkedin.com/	1970-01-20 04:10:17	Name: AnalyticsSyncHistory Value: AQKRJgua8EMpGQAAAYEbm8QEV-NV2hpMFm5370yuBD6I_FTDvbw6W0rcYA5Ew4hidOJSXp0Z9qHwxK20iapHsA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 20:58:59	Name: bcookie Value: "v=2&797c2915-f3ad-4444-8877-cde85cc8b0ca"
.linkedin.com/	1970-01-20 03:28:32	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2551:u=1:x=1:i=1654025602:t=1654112002:v=2:sig=AQH6-mkvGZ3799mZr9YKt0tmQEJt2Jrc"
capitolcanary.com/	1970-01-24 03:25:39	Name: _omappvp Value: vB11T6djlNLirjSloe5bHaohQNUjUK6AQzpicS783gspF5yrAtjycX7SDjvRWdsoLvXSVPHakTaqEZWE2tdhca7b49fpIE6n
capitolcanary.com/	1970-01-20 03:27:06	Name: _omappvs Value: 1654025602149
capitolcanary.com/	1970-01-20 03:27:07	Name: drift_campaign_refresh Value: a0e27a79-b693-4acf-9cdd-48a198dccaf7
.capitolcanary.com/	1970-01-20 03:28:32	Name: _uetsid Value: 882ca4f0e11811eca2fd719182b4ab32
.capitolcanary.com/	1970-01-20 12:48:41	Name: _uetvid Value: 882ccaf0e11811ecb3eabd722c603da3
.capitolcanary.com/	1970-01-20 05:36:41	Name: _fbp Value: fb.1.1654025602214.992399366
.capitolcanary.com/	1970-01-20 12:12:41	Name: _clck Value: 16wuyky\|1\|f1x\|0
.facebook.com/	1970-01-20 05:36:41	Name: fr Value: 0UuL2D96JCafcp6mn..Bilm2C...1.0.Bilm2C.
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 20:58:59	Name: bscookie Value: "v=1&20220531193322893b0207-d52e-4708-8f9f-7cb83d44db2eAQFd-itMt5Qp4Ckm_JR6gGJ_gWrDlnjN"
.linkedin.com/	1970-01-20 20:47:01	Name: li_gc Value: MTswOzE2NTQwMjU2MDI7MjswMjFi93Jo+QgpdJjbX4RT6VciJ/Irv7AxS2diq1xbY2srVg==
.capitolcanary.com/	1970-01-20 12:12:41	Name: _hjSessionUser_574101 Value: eyJpZCI6ImJkNDMyMzNkLWEyNjYtNTcwNy05NWU0LTViNTA4NmJlOGQ4NiIsImNyZWF0ZWQiOjE2NTQwMjU2MDE4NzMsImV4aXN0aW5nIjpmYWxzZX0=
.capitolcanary.com/	1970-01-20 03:27:07	Name: _hjFirstSeen Value: 1
capitolcanary.com/	1970-01-20 03:27:05	Name: _hjIncludedInSessionSample Value: 0
.capitolcanary.com/	1970-01-20 03:27:07	Name: _hjSession_574101 Value: eyJpZCI6IjRhMWUzNmQyLTdlOWQtNDVmNC04YTFjLTMzZTI2NGI0OTRlMyIsImNyZWF0ZWQiOjE2NTQwMjU2MDIyOTUsImluU2FtcGxlIjpmYWxzZX0=
.capitolcanary.com/	1970-01-20 03:27:07	Name: _hjAbsoluteSessionInProgress Value: 0
.capitolcanary.com/	1970-01-20 03:28:32	Name: _clsk Value: 7nxbg1\|1654025602478\|1\|1\|www.clarity.ms/eus2-f/collect
.c.bing.com/	1970-01-20 12:48:41	Name: SRM_B Value: 09D3ECD875AB6C053E9EFD6D74796D4A
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:48:41	Name: MUID Value: 09D3ECD875AB6C053E9EFD6D74796D4A
.c.clarity.ms/	1970-01-20 03:27:06	Name: ANONCHK Value: 0
capitolcanary.com/	1970-01-20 04:10:17	Name: omSeen-i57yvi9bgc3xiejmfo5p Value: 1654025606113

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-gM/PGanWnVLIZEz9gAOlvHrpgS1K9FCDZc19GbazuUg=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

486-vki-494.mktoresp.com
about2.capitolcanary.com
analytics.google.com
app-sj20.marketo.com
bat.bing.com
bootstrap.api.drift.com
c.bing.com
c.clarity.ms
capitolcanary.com
connect.facebook.net
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grow.clearbitjs.com
insight.adsrvr.org
js.adsrvr.org
js.driftt.com
metrics.api.drift.com
munchkin.marketo.net
om1.capitolcanary.com
om2.capitolcanary.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
script.hotjar.com
secure.wine9bond.com
sjrtp4-cdn.marketo.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
tracking.g2crowd.com
vars.hotjar.com
ws.zoominfo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
104.111.216.226
104.16.94.80
104.199.120.76
104.248.111.229
108.138.15.119
13.107.42.14
142.250.186.98
18.66.112.118
18.66.139.28
18.66.97.49
192.28.147.68
199.15.215.8
216.24.57.253
23.205.237.4
2600:9000:225e:4800:6:9280:1080:93a1
2606:4700:4400::6812:2437
2606:4700::6810:650c
2620:1ec:21::14
2620:1ec:27::cafe:2080
2620:1ec:c11::200
2a00:1450:4001:809::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2004
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:400c:c08::9c
2a00:1450:4014:80a::2002
2a02:26f0:3500:16::215:14a0
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8083:face:b00c:0:25de
3.224.78.34
34.193.113.164
51.11.20.152
52.142.114.2
52.222.236.74
52.223.40.198
54.147.21.139
63.34.234.143
84.17.46.53
0157ac2ffc801dbd94534b6c3bae2999697912e970c8281d7c7d736f00a597cb
02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5
0575f510d4354d5dd35a0920d988a8122936fde30a9dd5f9d3d1dfc0ad7df147
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
09f2ff5cd11b1e37a29b2935d9fcadfb7fa18d0982c22e22626d990bdcc661ae
09f9370d4f6c68191a996dc948f16e1b1f6d3a417e34b907c778c7d82b8718a3
0a904bdffeaa6adf503ebd227303a2c0e8e534789a39376f602727bfab444c00
0aa5201729bac890535667e48073ab88a75040b0858a54292ec020832e4aee24
0b8acc0c1a541b4572172f8c39ff60f586962fa6bb9f1edd840d1d77da1d3818
0c3665152b9a84eebcf5a4576714e984baa76d79989043d6edf9a099236891c7
0e4db91e933957c952cea51bd5f9c81f9bc76828d8ab55cfff71a74f6c4b640d
10094e3448750a4d28c63270c34a48a713985bcc5602ffc783e2a3e187d9ccff
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
191fc6eaefd3f8242ba2bf7c95c00037e65ca3b53e28541b8b88d215a87c1425
197c9364c177615ee4b6b9633a9fbc7c0adb5eea2914b316676ad9e44854851c
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63
1ef2295ea6caf62a442b628a4d75360de128fded1ab50c58b4e39ef6d8f7f7a6
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f
250a093f7e99e4da00e86ea8ab8301c6dd652d8a47c519e3d8f37644807ff549
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cefcc46cc948d5f415ee62ac12acf01027b8c92b5602f380b3c33b63465603f
2d0cdd09c5006ed29290e45afc7c2cd37751bb446e99fc5767252b5f0111be59
2f266be2c8dcaa0d833e327744db160b6e5edecad0da8f0f081a5ff22c64e74e
31acfb740ba1679a810fae919d0566a47ca1bf2712106334779d9be741bc9d05
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3f85f9f44568e096e459e14198c1600cb30afccaf85d181e034c340154e11772
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
419d6e9bdaf94d2758192e1312e13ffc6b885f2c37a36734f1dd414abee83a2c
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
42ff0fa4f78fe7d223525898ede1cba6d4a26cd5ded057c223dbcb9fc8c7fa1b
44c1e4738705bab988e778131a999b93fd5f1f5f1d815f3bb652c6434fc9c992
494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01
4a28ce5e399fac8e5754e5b4430ef015f757972050e67699b03b08a07831ae30
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4caad9356eb00a49e44aeb99d536873c9c167c5d42fede317e1a14ec19ee10d8
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d
581a118e4a2b33f2d2738b1e0a946a0223e9e6d0bcc579463148d6ea1d089cf4
5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005
58a8ee8343dd99744f9da7978bc8f12edd5e8509ed1c8f1cd676069785e3d7ad
5af5133459a08aaab60f1340c731b242ee78b77d9143f76c47101c04dc900d48
5c819472f51c8823d70d8fb76ffd61645f7d408195ef110217262b4e890886f2
5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5f5804383319c066f76d0e0ec1c1d1c0ba4c4e200cebc9ba15eefd0aa4eb0c1a
60cd5cce6b3766b833945067c3df40cbd33c12eb12c5e1eb5fd915501bf89b16
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
643e504c5417068283c7ba2a2e348b0f6c12da9e7b328470424453466d69efa1
652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
686d1cc4591be1b9f730e75e49c40772acd308b5188db5dc4448eb96f15f9a66
694dbae9bc1afb7159bc85a5079dc8bfd0b8d3993952f9cb5896a55597cd375e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1
73a2496c04cacc466323c431768e0c5e6e689afd55645e532cb5be961971c966
73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb
78046cd6631b3017a00edaeaa997b298e5674c43d3aba9ae07a225e4acf23da5
7c4dcab706e6bf67c64df89d3f5e137cb19efa293771613f511aff1ad563a6df
7f708f3b9f6f2d8adf30af30703a6f5aff12e3685f56a255c3d20c67aba707de
8157a599696973f6aa1e13967f0bdfaf50902b0cea71aace9f9cdf3dcf64a582
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c596f0b5b3cc2089b73383cca49345a2c6459cfb81e9c7253549e9e61420b1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8637926881bcb60aad538e349b94b8d8f1a005aad40238913b306902986b9a8b
882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c
8a90b0a97065fb0d36744a9db61b9e421d7198e35b9d31c71154a9f4f57d3fff
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8b934f3213c33c849410d6edf4fa6f85f970839503d462d94413bd8c15a2e106
8bfcec07978309844d788b4ade223b49ba0be250c0da82fa94d7477842db1e6a
8c16ca6e80ceb36ff3400cb377e38398f6b7cf2a266958ee2c2f3b6698f5317b
8c4c71b0169b02ae8c5a0ba34b1acccfe2c52589f2ab3457edce9db2c7b53f58
8dff6b8a49a7729f2f1c734d8bbc3a7a7bcda5f4474bf975dd5712578123d2e6
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
943be3a302dc3b02806a3abc3a2c70b757484bb9992b4986cc1cc1f10d292eb7
9466faa62064804d275c560d82572587e8cf6b2bd7079897d5ec3279b8122165
946e4dd225b51376533446d20da312e3a25554fba768e0e06f8da5d2b8d80036
951a3f149026bb8e5b224330b22e0be9771302d9f2c7461ca3b7d83900bff22f
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
97da09ae98803932c42d9e9cfe80acc4d2953b60cc6020acf11a19f04689283c
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a5c3883eada0e4577732081b0979554f9c24570ec71bd766e9a2658e7703603
9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635
9cde763fe845775f058ffe78fc3a35daa8ce38da895a2c33603acecc3dbd6efe
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
9d9d970a77e6fc456e0e58bccd8be08a20e845a78b78b991360efcfa38b45138
a0b4e1978c954ef1b191725c1a7b725e24a5d89b9242f9342d1b69694d7117bd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aad7aa1a4b01b34fabc6eb823865de09b1019050b80c8ddbc2d68667d92217ef
b528a98a8c76da4d079b97faaab267f4b0d206ef42e5d638268da701df4a0592
b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db
b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0
b97e05411def19f898ee5b52a8241d47780894133d4176dbafd074fbc9f90af6
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bcf935328b872f254a1b956b0aa6a653907ab015480080a4090813c322220ce1
be288a41ffdf2321d64b08c841c0bca688111ccd5391b07d1ed945696d08a143
c188557397a42a95fdfac35e0b20024e3816fe88321fee2c87aaa2c0b7abf0dd
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6
c89a8bee77d21587af1a9e0dcd26a779b62436084eaf136c354ff1bf39f2c280
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9
dc99c5ab2f442defb7468977d0309775969d81dbe27ac828e019fcccac7ccaa1
dd029f338de8c7894abbd11b53992e230abd401456f5c36a55e8ff8f8d83c8fe
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e051e0747e00cbf46985db2f3d8017641dd2e9bb729dfbddd01b99ab0d3983f5
e1a478b48c8e190782382190951e6410356f384923c3c79e0470935cde4bbdfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e5d1ee4046ceeb81d3e43309d053b423b87018e60c4cf0dd8ee7c5d3e9e90465
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ece60a396d929c226ee0d4944ecaef3729868828757792971606552f428a3d39
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f1f8f7c12ef6b6f9b5ee9e61c7e158a15581e5feb773206630ad140beeda27b6
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f341e12f7cfd1002b96791f4058b98f42e8d98ef90cf649b643e9ea2ce5b47a2
f516c74c03e4dbf3b8089880fa20909c37eee62b3d000615b6202e04cccc90a5
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff1b277f5f04deff0a69474f2616c18775058f967f7b9e8dea7b27c0aca9bd6f
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

capitolcanary.com Open in urlscan Pro 104.199.120.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

213 Requests

98 %HTTPS

44 %IPv6

29 Domains

44 Subdomains

40 IPs

8 Countries

2440 kBTransfer

7301 kBSize

47 Cookies

4 Outgoing links

Page URL History

Redirected requests

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

capitolcanary.com Open in urlscan Pro
104.199.120.76 Public Scan

Screenshot
Live screenshot

Full Image

213
Requests

98 %
HTTPS

44 %
IPv6

29
Domains

44
Subdomains

40
IPs

8
Countries

2440 kB
Transfer

7301 kB
Size

47
Cookies

213 HTTP transactions
0 data transactions