www.armorblox.com Open in urlscan Pro
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a  Public Scan

URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Submission Tags: falconsandbox
Submission: On September 16 via api from US — Scanned from DE

Summary

This website contacted 41 IPs in 6 countries across 34 domains to perform 220 HTTP transactions. The main IP is 2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.armorblox.com.
TLS certificate: Issued by R3 on July 20th 2022. Valid for: 3 months.
This is the only time www.armorblox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
66 2a05:d014:275... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
16 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
2 104.96.148.88 16625 (AKAMAI-AS)
4 152.195.15.58 15133 (EDGECAST)
1 18.66.15.64 16509 (AMAZON-02)
1 205.185.216.10 20446 (STACKPATH...)
1 2 52.30.214.212 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 104.16.93.80 13335 (CLOUDFLAR...)
1 13.32.121.107 16509 (AMAZON-02)
1 192.28.147.68 15224 (OMNITURE)
8 104.111.233.140 16625 (AKAMAI-AS)
2 2a03:2880:f00... 32934 (FACEBOOK)
3 184.73.246.234 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 3.33.220.150 16509 (AMAZON-02)
1 185.89.210.82 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.58.117.7 16509 (AMAZON-02)
3 4 54.162.244.84 14618 (AMAZON-AES)
1 18.214.79.220 14618 (AMAZON-AES)
1 1 172.217.23.98 15169 (GOOGLE)
1 34.98.64.218 15169 (GOOGLE)
1 35.244.174.68 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
61 18.66.147.90 16509 (AMAZON-02)
3 54.147.21.139 14618 (AMAZON-AES)
2 50.16.7.188 14618 (AMAZON-AES)
220 41
Apex Domain
Subdomains
Transfer
82 armorblox.com
www.armorblox.com
assets.armorblox.com
6 MB
62 driftt.com
js.driftt.com — Cisco Umbrella Rank: 4993
rc-animation-feature.js.driftt.com
732 KB
8 6sc.co
j.6sc.co — Cisco Umbrella Rank: 6334
c.6sc.co — Cisco Umbrella Rank: 9557
b.6sc.co — Cisco Umbrella Rank: 4416
13 KB
6 clickagy.com
tags.clickagy.com — Cisco Umbrella Rank: 6675
aorta.clickagy.com — Cisco Umbrella Rank: 1502
hemsync.clickagy.com — Cisco Umbrella Rank: 5955
16 KB
6 marketo.com
app-sj27.marketo.com — Cisco Umbrella Rank: 225024
144 KB
5 drift.com
metrics.api.drift.com — Cisco Umbrella Rank: 5522
bootstrap.api.drift.com — Cisco Umbrella Rank: 5833
368 B
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
61 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 430
p.typekit.net — Cisco Umbrella Rank: 577
138 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
4 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
www.linkedin.com — Cisco Umbrella Rank: 623
px4.ads.linkedin.com — Cisco Umbrella Rank: 6198
3 KB
3 humanautomation.ai
analytics.humanautomation.ai — Cisco Umbrella Rank: 310322
24 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6352
719 B
3 google.com
www.google.com — Cisco Umbrella Rank: 2
719 B
3 bizible.com
cdn.bizible.com — Cisco Umbrella Rank: 7221
33 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
388 B
2 6sense.com
epsilon.6sense.com — Cisco Umbrella Rank: 11205
422 B
2 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 624
521 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
54 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
111 KB
2 bidr.io
segment.prod.bidr.io — Cisco Umbrella Rank: 6762
1 KB
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 2665
7 KB
2 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 410
8 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 561
98 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 396
304 B
1 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 432
701 B
1 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 4816
2 KB
1 mktoresp.com
176-xmj-030.mktoresp.com
318 B
1 storyblok.com
api.storyblok.com — Cisco Umbrella Rank: 85868
18 KB
1 bizibly.com
cdn.bizibly.com — Cisco Umbrella Rank: 9270
202 B
1 digitaloceanspaces.com
metadata-static-files.sfo2.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 32800
6 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
16 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 769
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
81 KB
1 googleusercontent.com
lh5.googleusercontent.com — Cisco Umbrella Rank: 133
220 34
Domain Requested by
66 www.armorblox.com www.armorblox.com
cdn.bizible.com
61 rc-animation-feature.js.driftt.com js.driftt.com
rc-animation-feature.js.driftt.com
16 assets.armorblox.com www.armorblox.com
6 b.6sc.co www.armorblox.com
6 app-sj27.marketo.com www.armorblox.com
app-sj27.marketo.com
5 www.google-analytics.com www.googletagmanager.com
www.armorblox.com
4 aorta.clickagy.com 3 redirects cdn.bizible.com
4 use.typekit.net www.armorblox.com
use.typekit.net
3 metrics.api.drift.com rc-animation-feature.js.driftt.com
3 analytics.humanautomation.ai www.armorblox.com
analytics.humanautomation.ai
3 www.google.de www.armorblox.com
3 www.google.com www.armorblox.com
3 cdn.bizible.com www.googletagmanager.com
www.armorblox.com
cdn.bizible.com
2 bootstrap.api.drift.com rc-animation-feature.js.driftt.com
2 www.facebook.com www.armorblox.com
2 epsilon.6sense.com cdn.bizible.com
2 insight.adsrvr.org www.armorblox.com
2 www.youtube.com www.googletagmanager.com
www.youtube.com
2 connect.facebook.net www.armorblox.com
connect.facebook.net
2 googleads.g.doubleclick.net www.googleadservices.com
2 px.ads.linkedin.com 2 redirects
2 segment.prod.bidr.io 1 redirects www.armorblox.com
2 munchkin.marketo.net www.armorblox.com
munchkin.marketo.net
2 cdn.cookielaw.org www.armorblox.com
cdn.cookielaw.org
1 id.rlcdn.com www.armorblox.com
1 us-u.openx.net www.armorblox.com
1 cm.g.doubleclick.net 1 redirects
1 hemsync.clickagy.com cdn.bizible.com
1 tags.clickagy.com ws.zoominfo.com
1 c.6sc.co cdn.bizible.com
1 secure.adnxs.com cdn.bizible.com
1 ws.zoominfo.com www.armorblox.com
1 j.6sc.co www.armorblox.com
1 176-xmj-030.mktoresp.com munchkin.marketo.net
1 api.storyblok.com cdn.bizible.com
1 cdn.bizibly.com www.armorblox.com
1 stats.g.doubleclick.net www.google-analytics.com
1 px4.ads.linkedin.com www.armorblox.com
1 www.linkedin.com 1 redirects
1 p.typekit.net use.typekit.net
1 metadata-static-files.sfo2.cdn.digitaloceanspaces.com www.armorblox.com
1 js.driftt.com www.armorblox.com
1 www.googleadservices.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 www.googletagmanager.com www.armorblox.com
1 lh5.googleusercontent.com www.armorblox.com
220 46
Subject Issuer Validity Valid
armorblox.com
R3
2022-07-20 -
2022-10-18
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-14 -
2023-10-15
a year crt.sh
assets.armorblox.com
Amazon
2022-01-31 -
2023-03-01
a year crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA
2022-02-06 -
2023-02-07
a year crt.sh
io.bizible.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-30 -
2023-07-31
a year crt.sh
drift.com
Amazon
2022-08-24 -
2023-09-21
a year crt.sh
*.sfo2.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-18 -
2023-05-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
www.google.de
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
app-sj27.marketo.com
Cloudflare Inc ECC CA-3
2022-05-04 -
2023-05-04
a year crt.sh
*.storyblok.com
Amazon
2022-08-18 -
2023-09-15
a year crt.sh
*.mktoresp.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-30 -
2022-11-30
a year crt.sh
*.6sc.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-08 -
2023-03-11
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-06-25 -
2022-09-23
3 months crt.sh
analytics.humanautomation.ai
Amazon
2022-02-25 -
2023-03-26
a year crt.sh
zoominfo.com
Cloudflare Inc ECC CA-3
2022-05-04 -
2023-05-04
a year crt.sh
*.google.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.google.de
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-13 -
2023-08-13
a year crt.sh
*.6sense.com
Amazon
2022-05-31 -
2023-06-29
a year crt.sh
*.clickagy.com
Amazon
2021-12-15 -
2023-01-12
a year crt.sh
*.drift.com
Amazon
2022-08-02 -
2023-08-31
a year crt.sh

This page contains 4 frames:

Primary Page: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Frame ID: 17A858B3C0C2383B47C7AB334802712F
Requests: 153 HTTP requests in this frame

Frame: https://app-sj27.marketo.com/index.php/form/XDFrame
Frame ID: 294F3CAD27265E943BE77BD503A6AF3E
Requests: 2 HTTP requests in this frame

Frame: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: D5EB6F1CE76573F8F5660455FEC49948
Requests: 32 HTTP requests in this frame

Frame: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
Frame ID: AB2EB4633EB58C44254CB770104FE2E2
Requests: 32 HTTP requests in this frame

Screenshot

Page Title

OK Google, Build Me a Phishing Campaign

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Overall confidence: 100%
Detected patterns
  • marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

220
Requests

98 %
HTTPS

45 %
IPv6

34
Domains

46
Subdomains

41
IPs

6
Countries

7435 kB
Transfer

16621 kB
Size

36
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value= HTTP 303
  • https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1
Request Chain 65
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663304418036&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1814324%26time%3D1663304418036%26url%3Dhttps%253A%252F%252Fwww.armorblox.com%252Fblog%252Fok-google-build-me-a-phishing-campaign%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663304418036&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663304418036&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&liSync=true&e_ipv6=AQJ87VRqBp3-mgAAAYNEq0XZO1I-jpnNJeUQSQLaDwbVQAedpb2vusuqvr50Z54bIVHqjow
Request Chain 140
  • https://aorta.clickagy.com/pixel.gif?clkgypv=jstag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzowMzA4OTYzYTdkOTgwMWE0OWM1ODI1MjY5OWRjZTk4YQ HTTP 302
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEFc2juat6e59FUx4RXoaAGI&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
Request Chain 141
  • https://aorta.clickagy.com/liveramp_redir HTTP 302
  • https://id.rlcdn.com/711861.gif

220 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
92 KB
24 KB
Document
General
Full URL
https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
b509b3e0d4b915888169f22b05841e530955a3891ec9e4a306ca66d617e621ef
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Fri, 16 Sep 2022 05:00:17 GMT
etag
"10be6543b4337c2d07c7270beb58c9bd-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01GD2APFW4A2FMN0ENKTAPFFFE
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 16 Sep 2022 05:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7BKk7WQU1Z9EDMZmf1T6Vg==
age
11425
vary
Accept-Encoding
content-length
7151
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 18:22:15 GMT
server
cloudflare
etag
0x8DA974737287FBC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5bd43f01-f01e-006a-3736-c9844d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74b709a2296b9956-FRA
jvs4ixc.css
use.typekit.net/
3 KB
956 B
Stylesheet
General
Full URL
https://use.typekit.net/jvs4ixc.css
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fb54ec2c7611cd695804c36982789e9595d5bd6bdfee1571e7918485eb82c4f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 16 Sep 2022 05:00:17 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
724
webpack-runtime-d8318743b6b92913b350.js
www.armorblox.com/
5 KB
2 KB
Script
General
Full URL
https://www.armorblox.com/webpack-runtime-d8318743b6b92913b350.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
f1890ff50be4ff79cf7cb28fed7df1839a7d430a9c31094810ec4ea8e5b2fffe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APG93BAJ51Y208VW1PVPC
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"7175dfea5eaa6f4c8a10c49da3955951-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1968
x-xss-protection
1; mode=block
framework-c35e70fad454c434ae6b.js
www.armorblox.com/
127 KB
39 KB
Script
General
Full URL
https://www.armorblox.com/framework-c35e70fad454c434ae6b.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
daa698c8bbff0f8896f590e544f06c470d03af0dc6d7ecdec4b98e5f6580df5f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APG934A395NCA5MZ4WTVA
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"a8a6863aa2bfc86f87e9f673e9b6f860-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
40272
x-xss-protection
1; mode=block
app-2759e81c69034ed02618.js
www.armorblox.com/
60 KB
18 KB
Script
General
Full URL
https://www.armorblox.com/app-2759e81c69034ed02618.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
cb17ab922f4d5724f0a90ff0115610a966674e21428fa20b089f496a21cdf71d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APG93D1STRMR1VCGD2YFX
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"03b92a58bce8cd2566ab17b51cdad94a-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
17962
x-xss-protection
1; mode=block
styles-e9d24b1846c7d6eb9685.js
www.armorblox.com/
117 B
203 B
Script
General
Full URL
https://www.armorblox.com/styles-e9d24b1846c7d6eb9685.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
dba17f1b29b3b3637d709f951023ea1655b08c6b4f40fd612c5e927ba72829fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APG94HF6T4T0NEDY1PW79
content-security-policy
frame-ancestors 'none'
server
Netlify
age
13361
etag
"4e47c94435c6f8cd7757b3c4c1c8a2f0-ssl"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
accept-ranges
bytes
content-length
117
x-xss-protection
1; mode=block
252f366e-878adcd77ff7fad27068.js
www.armorblox.com/
877 B
965 B
Script
General
Full URL
https://www.armorblox.com/252f366e-878adcd77ff7fad27068.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
89bedf9a0b818f5271c43462a30b5574c4dc36f2c79838902d03f005be824c0d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APG94QE3ERGGKAR3SFNWR
content-security-policy
frame-ancestors 'none'
server
Netlify
age
13361
etag
"21d00b364ad7be16fc01c26b9ad7b804-ssl"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
accept-ranges
bytes
content-length
877
x-xss-protection
1; mode=block
78e521c3-38c3d291d904954b5308.js
www.armorblox.com/
621 B
707 B
Script
General
Full URL
https://www.armorblox.com/78e521c3-38c3d291d904954b5308.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e4a3280211b5fd200c4d4d043763886820517771353f9fef82a88c52ab5855a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APG94A8XJ1M4EMFS04C9W
content-security-policy
frame-ancestors 'none'
server
Netlify
age
13361
etag
"68a21c67246d61f0b61b7ce94fc6b5c6-ssl"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
accept-ranges
bytes
content-length
621
x-xss-protection
1; mode=block
1bfc9850-747a3e29b4cec7049a2c.js
www.armorblox.com/
2 KB
1 KB
Script
General
Full URL
https://www.armorblox.com/1bfc9850-747a3e29b4cec7049a2c.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
6a8f5d3db22e41774d495f5590e386c65e45ee9d6e3019ade87e5a5f9eadf5b0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APG94D8XGS1KP7WGYHQ6T
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"a039afcfeab1db594d24bf2f01be8170-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1169
x-xss-protection
1; mode=block
ae51ba48-e6ed8a47419732d3a4f8.js
www.armorblox.com/
607 B
694 B
Script
General
Full URL
https://www.armorblox.com/ae51ba48-e6ed8a47419732d3a4f8.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
9ab17804e34a235e778a2fcad45aac8737900071ecc51aeb9b944942faddb8a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APG94XTR28EYC0FF154T5
content-security-policy
frame-ancestors 'none'
server
Netlify
age
13361
etag
"fffd344963cd70e183859062aae6db03-ssl"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
accept-ranges
bytes
content-length
607
x-xss-protection
1; mode=block
3d360dac-197c1f96ffca55a9d033.js
www.armorblox.com/
345 KB
89 KB
Script
General
Full URL
https://www.armorblox.com/3d360dac-197c1f96ffca55a9d033.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e416bac21f51ef7a9aa172a4c2f761846cb36fe6ae55b6439a6db80b3ff548ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APG9432WTR3HF0MT0G70C
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"31ad224a3d00395901ff5cfee45111b8-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
91426
x-xss-protection
1; mode=block
629e4ffc-1c5d96352745684bfb96.js
www.armorblox.com/
606 KB
296 KB
Script
General
Full URL
https://www.armorblox.com/629e4ffc-1c5d96352745684bfb96.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e833fbc02878a06d85aa9e8378e939c676f085fbe2d7d385c85450538bfcbc92
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APG94AEENWHR7ZN99F5XG
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"c8bd496380c82e13d91c6a87324575f2-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
303021
x-xss-protection
1; mode=block
31664189-21a22dc27022fc7662f7.js
www.armorblox.com/
2 KB
1 KB
Script
General
Full URL
https://www.armorblox.com/31664189-21a22dc27022fc7662f7.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
03f8a6e311621073ef87440db078abf904e8b830e51fa2a39188ce5915531e68
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAAQQWTV61VQW9G9AWF
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"951383096c4a29a407644a61a815a06f-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1138
x-xss-protection
1; mode=block
05bddfcc-cef3482026f07fef8c7f.js
www.armorblox.com/
217 B
303 B
Script
General
Full URL
https://www.armorblox.com/05bddfcc-cef3482026f07fef8c7f.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
b726950d58a01f4ff987fc29a610f871b1055f749185e626a4b1916f968f1bb5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAA4T9QBS54SNN7GM73
content-security-policy
frame-ancestors 'none'
server
Netlify
age
13361
etag
"b1c7638ce050c9deddafb22cf07edca9-ssl"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
accept-ranges
bytes
content-length
217
x-xss-protection
1; mode=block
a4c92b5b-570fdb38251a4efdf646.js
www.armorblox.com/
132 KB
31 KB
Script
General
Full URL
https://www.armorblox.com/a4c92b5b-570fdb38251a4efdf646.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
5e206d921645cdd77ae1c4fb411bf3d04032d350cddadeb6888dd566ae1d5095
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAAQY2KEG7X7PF3C6M0
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"eb3f2f9c23f2fae56714fbab50feea47-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
32085
x-xss-protection
1; mode=block
d64684d8-61b9f5b8dac28b8c654b.js
www.armorblox.com/
505 B
593 B
Script
General
Full URL
https://www.armorblox.com/d64684d8-61b9f5b8dac28b8c654b.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
eaf1df68503e4437806bb51d28eefe54beeebdf13684a25f2d6a9a86ee96dc32
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAAATHTDCWWRHNC6QV8
content-security-policy
frame-ancestors 'none'
server
Netlify
age
13361
etag
"ffb7342c734dd147905c2ee3e46ece4c-ssl"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
accept-ranges
bytes
content-length
505
x-xss-protection
1; mode=block
e8975190-80cdbb1cdf9a33e66010.js
www.armorblox.com/
168 KB
18 KB
Script
General
Full URL
https://www.armorblox.com/e8975190-80cdbb1cdf9a33e66010.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
a58dbc67f90f6006af9638b454c3cc2d65cc7125947095587ea7c4b372b11aeb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAAJ8KKGZ2NWWMZHSQP
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"44a5ffba18976b48dd60af6be975146c-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
18256
x-xss-protection
1; mode=block
commons-53bd057bcb8b6db9f0ac.js
www.armorblox.com/
187 KB
61 KB
Script
General
Full URL
https://www.armorblox.com/commons-53bd057bcb8b6db9f0ac.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
5609cd1f7eecd11ee97aac287f6d44f91cb1c19f16d6fa11fd82acab3eb9cb75
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAARBDT733A77FTR05A
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"2c4ce318dd5c5da4ed12ccd014aa31cf-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
62651
x-xss-protection
1; mode=block
cb2850d0e5c937a7e805dcf7085da3aca12fa612-b87894f87a8241fd9dbb.js
www.armorblox.com/
1 MB
370 KB
Script
General
Full URL
https://www.armorblox.com/cb2850d0e5c937a7e805dcf7085da3aca12fa612-b87894f87a8241fd9dbb.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e5035c8d058e1c25449d6d4852b063de6329a8b4a73dc84f94fbb405f8967d35
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAA8FGDAQK6JZ6MQTW3
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"992d398ab821cc537fb1d7919560c5ee-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
378392
x-xss-protection
1; mode=block
component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js
www.armorblox.com/
1 KB
675 B
Script
General
Full URL
https://www.armorblox.com/component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
9a955a830fe4c3916de9ff562a0b8b315e40a862dadd9e456b3266ebb1131497
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAAVK711N1PB595DV3Y
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"2d0811591db3318cce645b6711f1a16e-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
584
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/blog/ok-google-build-me-a-phishing-campaign/
33 KB
10 KB
Other
General
Full URL
https://www.armorblox.com/page-data/blog/ok-google-build-me-a-phishing-campaign/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
22159a12c9283a09989be2b9bd606f76129a2b26d1ca8e0d3c0b2f57abea6f40
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAAK195Q8YAJNQSVD4K
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"ba4e49cfa5d43eac738c3df0d177dedf-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:17 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
1199463856.json
www.armorblox.com/page-data/sq/d/
2 MB
394 KB
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/1199463856.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
a40b9fa9a7440c38759c2c8402474e113d3956bb08b77159a4791864d5fb3345
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAAHBFND52RMX9XTFSC
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"f22f1cfda0effd70d43ce9f3a1393417-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
403201
x-xss-protection
1; mode=block
1347410642.json
www.armorblox.com/page-data/sq/d/
34 KB
6 KB
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/1347410642.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
f1d2fc79d147c71aa167b407a47319b8c856948b3200705890a96b312ddf1664
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAAXNQMZJX9P768NTP7
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"ab0203806dc59f8875dd7f91347c6bd7-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
6017
x-xss-protection
1; mode=block
1764408108.json
www.armorblox.com/page-data/sq/d/
148 KB
36 KB
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/1764408108.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
b3d5b4be6e7a2889c7f7b173472375ce3b2da6033948af5a4484bb7530f06552
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAA0FMS5B36A92J4SCE
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"c45e2dde85c36b6ef33ae9ed7634b313-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
36567
x-xss-protection
1; mode=block
1832314599.json
www.armorblox.com/page-data/sq/d/
149 KB
36 KB
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/1832314599.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
1d974f1e1e970e41c63cb0e33398d884db88acac2ba98ec8b9a8df204fd310fc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAAD2JFSD5R5DNGEGZS
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"47e9bdd8f6d48a971190f3f8b959ab3c-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
36675
x-xss-protection
1; mode=block
2204046486.json
www.armorblox.com/page-data/sq/d/
43 B
129 B
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/2204046486.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
4dbd2d6a9d8933cdd26df1809257010c691bdedc772dd8287e26cdd8963ccbca
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAA343KPAG6R0BJ9V7D
content-security-policy
frame-ancestors 'none'
server
Netlify
age
13361
etag
"7a24ccbfda83f0e7500f61ee8c02de4a-ssl"
strict-transport-security
max-age=31536000
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
accept-ranges
bytes
content-length
43
x-xss-protection
1; mode=block
2493646278.json
www.armorblox.com/page-data/sq/d/
422 B
508 B
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/2493646278.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
2bc74d8ac684c2c07dc2c4c8d3df18d6f350631954a49fb342eac5aa13dda267
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAB44J93FXDWP2G9GCJ
content-security-policy
frame-ancestors 'none'
server
Netlify
age
13361
etag
"abaa6108b4739bc00b6bc939a40bb9b7-ssl"
strict-transport-security
max-age=31536000
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
accept-ranges
bytes
content-length
422
x-xss-protection
1; mode=block
2732447379.json
www.armorblox.com/page-data/sq/d/
64 KB
18 KB
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/2732447379.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
85309942cee52cab47e92148f4c21f15984a1e08a6ed7cbb63e275cabd3dc075
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAAYJS2QR0QZAKFB4G8
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"6e226d2de0b26b397a5d962fd6fc1f37-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
17846
x-xss-protection
1; mode=block
2932681485.json
www.armorblox.com/page-data/sq/d/
70 B
157 B
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/2932681485.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
78df6e891c6153241987a2beb3ae39271274a094c36de4922cdc69a23b4811b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAATQTVXPGFR5D0CRB0
content-security-policy
frame-ancestors 'none'
server
Netlify
age
13361
etag
"3cecab4f00ff69d710bf2664e4e24ff4-ssl"
strict-transport-security
max-age=31536000
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
accept-ranges
bytes
content-length
70
x-xss-protection
1; mode=block
3040308473.json
www.armorblox.com/page-data/sq/d/
2 MB
388 KB
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/3040308473.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
71b0089d7c527e6a7531b790e4506f3b2705f5cbb8b3f95a5ceef1fa55cf9338
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAAB0VK85CSP2ZN107B
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"a8f7633408f4040faaa9290cb5b3254e-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
396835
x-xss-protection
1; mode=block
3323934922.json
www.armorblox.com/page-data/sq/d/
590 B
678 B
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/3323934922.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
a88cd5d2766532b8d722540581011ad2fe22441f7ec0db584d86dea3787f2fa9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAB6M4NP32V7Z0RR590
content-security-policy
frame-ancestors 'none'
server
Netlify
age
13361
etag
"3962cda75141ac7d71585dd135b5f385-ssl"
strict-transport-security
max-age=31536000
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
accept-ranges
bytes
content-length
590
x-xss-protection
1; mode=block
3447689480.json
www.armorblox.com/page-data/sq/d/
3 KB
673 B
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/3447689480.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
273b9dc19af04ac2dd618b4b6ae690c2bf7bde4715d13a48126a75b68eebaeb3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAA8HFFA4Y314GSPMCN
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"aeec773a3b5b72960ee83cedc4129fbc-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
570
x-xss-protection
1; mode=block
3475154746.json
www.armorblox.com/page-data/sq/d/
40 KB
7 KB
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/3475154746.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
260c3eb2159e04ce0d647d9beb0e3f2758a82136ea5806d32ea3c50d1b2d8d3a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAADY7JR5NFX3WB0FH4
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"148d2c752cfd2b8b379f1a8e8eec4b57-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
7008
x-xss-protection
1; mode=block
3627728446.json
www.armorblox.com/page-data/sq/d/
32 KB
5 KB
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/3627728446.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
8b29ef7adac993a0cb8042dcb6705fe6e6b13ae8d3c4bf2f6579aa6ae90ae534
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAB3JSRE17977T0ATHY
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"673d8f63b45fe642d30e3504409603f5-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
5351
x-xss-protection
1; mode=block
4183231755.json
www.armorblox.com/page-data/sq/d/
2 MB
387 KB
Other
General
Full URL
https://www.armorblox.com/page-data/sq/d/4183231755.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
8f27cedaf17cda78d6e31b33e5bf69837621e7f41d1aaaf2305ab154cc33064e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGABPT8TF21J0K9AJSRS
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13361
etag
"f1c38602db5ca63ea1a691ada6043742-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
395576
x-xss-protection
1; mode=block
app-data.json
www.armorblox.com/page-data/
50 B
137 B
Other
General
Full URL
https://www.armorblox.com/page-data/app-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
15d69b5673cf488a9115372ebf1c3c3410cc5f9aaf58b283ec5c450aa9eb3d0f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APGAB4AZ881HF34DM458Z
content-security-policy
frame-ancestors 'none'
server
Netlify
age
13361
etag
"4b89934db09ddbc79606e1d20a6b879d-ssl"
strict-transport-security
max-age=31536000
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
accept-ranges
bytes
content-length
50
x-xss-protection
1; mode=block
google-attacks-article-thumbnail.png
assets.armorblox.com/f/52352/1688x1125/97800e751d/
1 MB
1 MB
Image
General
Full URL
https://assets.armorblox.com/f/52352/1688x1125/97800e751d/google-attacks-article-thumbnail.png
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c15b7993391272a1163a3107e5e6596a6c175ddc8930dad30faea75f00758396

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
lQVmcC5LVBEncbANoXDdHE09Uq_kxt58
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
etag
"fa0ed4fba2623437a3c80129a8ad5a70"
x-amz-cf-pop
FRA60-P2
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
1064278
last-modified
Wed, 11 Nov 2020 23:47:27 GMT
server
AmazonS3
date
Fri, 16 Sep 2022 05:00:19 GMT
vary
Accept-Encoding
content-type
image/png
cache-control
public; max-age=31536000
accept-ranges
bytes
x-amz-cf-id
W_t8kEF2YG-Srjzjzuxzk8qtObZ4El1zFB4lOpA-714DCuLGqB-MNQ==
expires
Thu, 11 Nov 2021 23:47:26 GMT
amex-credential-phishing-summary.png
assets.armorblox.com/f/52352/1268x714/ff73d90dd9/
385 KB
386 KB
Image
General
Full URL
https://assets.armorblox.com/f/52352/1268x714/ff73d90dd9/amex-credential-phishing-summary.png
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4fca87c7981bee30d41f1a4b4b1fbeca4f477b56ebe13c3f4c32ebb95366df2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified
Mon, 23 Nov 2020 21:03:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"0e153f12b5b501b28e0e96db50d22e16"
x-cache
Miss from cloudfront
x-amz-version-id
mWQwTcgUmxxWEs8OboDThIOzEycwCsu4
cache-control
public; max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
394205
x-amz-cf-id
Om-8AFwp5JFepV9BwLNh4ys-tYtv2j1wo6BgQqThW-gXD8ZmhGXx0A==
expires
Tue, 23 Nov 2021 21:03:04 GMT
amex-scam-form-1-min.png
assets.armorblox.com/f/52352/424x592/7c8707578a/
47 KB
48 KB
Image
General
Full URL
https://assets.armorblox.com/f/52352/424x592/7c8707578a/amex-scam-form-1-min.png
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
654532dd0adc14475e5a12922f04e9a4ced280bc24f63f5b8788047d1514642a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified
Wed, 11 Nov 2020 20:31:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"6b1e9d88f652ab608c29005829b8b40f"
x-cache
Miss from cloudfront
x-amz-version-id
BEQNfP91y8_ZkNc9fu_Not_rCJ807MHF
cache-control
public; max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
48382
x-amz-cf-id
aMC33HNjlsdAoNk0IFgZOQwTDtKOKeEP4AQU31nr58ELhjJ2TFjIxg==
expires
Thu, 11 Nov 2021 20:31:16 GMT
elder-scam-email-final-min.png
assets.armorblox.com/f/52352/642x696/36fdf1e7ee/
112 KB
112 KB
Image
General
Full URL
https://assets.armorblox.com/f/52352/642x696/36fdf1e7ee/elder-scam-email-final-min.png
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96a6f491f20c119a75861a4de5dfabdfcc98a32b4710a1cff926c52a802ecedf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
FdJIsFLyuaOwUkPNAzLlfA4dLJS5GXdv
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
etag
"cb9f129ff34ca31a6e12d05dee9fcf61"
x-amz-cf-pop
FRA60-P2
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
114321
last-modified
Wed, 11 Nov 2020 20:51:05 GMT
server
AmazonS3
date
Fri, 16 Sep 2022 05:00:19 GMT
vary
Accept-Encoding
content-type
image/png
cache-control
public; max-age=31536000
accept-ranges
bytes
x-amz-cf-id
UBHO8w6kzXNDQe-g5koUwPhwGCeTOTThS4SimbVO5M5M6kraeV7zOw==
expires
Thu, 11 Nov 2021 20:51:04 GMT
elder-scam-form-final-min.png
assets.armorblox.com/f/52352/747x306/b72a835ee2/
34 KB
35 KB
Image
General
Full URL
https://assets.armorblox.com/f/52352/747x306/b72a835ee2/elder-scam-form-final-min.png
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67bc218612b8368c7a8cace136e6b8051eb748732651946a97e11f6503e4b0fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified
Wed, 11 Nov 2020 20:50:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"b8f63cbed5d72d5c1c06427442d6fda5"
x-cache
Miss from cloudfront
x-amz-version-id
ffMoQPAJVE8bE2a1b1jyKdt7uIlufKyW
cache-control
public; max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
35285
x-amz-cf-id
0mV7l2QbPJKD0Te9dEBJjaJlSV_aNogSo5eS-sQUyjP9rabpTpmTAA==
expires
Thu, 11 Nov 2021 20:50:19 GMT
it-team-impersonation-email-final-min.png
assets.armorblox.com/f/52352/836x592/b2b2530e2f/
109 KB
110 KB
Image
General
Full URL
https://assets.armorblox.com/f/52352/836x592/b2b2530e2f/it-team-impersonation-email-final-min.png
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a315706be89e729db8a4bf8736335b620618d508d33b9fbf24183dd89336c8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified
Wed, 11 Nov 2020 20:52:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"de1c3d44f34d9acf43ff7ae89a532a2b"
x-cache
Miss from cloudfront
x-amz-version-id
_TBdDauKHqdU.p.E8diVAlh7nQ6ERyuv
cache-control
public; max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
112018
x-amz-cf-id
T_YVa3255SrCLiEQKuPcnxdcNWF8QfTKv39VCoEesIkg9zKuiEux3w==
expires
Thu, 11 Nov 2021 20:52:27 GMT
firebase-phishing-page-final-min.png
assets.armorblox.com/f/52352/772x475/f725c68283/
30 KB
31 KB
Image
General
Full URL
https://assets.armorblox.com/f/52352/772x475/f725c68283/firebase-phishing-page-final-min.png
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c31739e21da813ddcdaabdbb0e3df14f65e56172012ef4c16bd052ed3ad6fd4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified
Wed, 11 Nov 2020 20:55:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"2f6316883f13e771ba97210868877e44"
x-cache
Miss from cloudfront
x-amz-version-id
AZW8Pq4xrXoeAq0MxVwhTNr27XSbfgQH
cache-control
public; max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
31127
x-amz-cf-id
dc8ACO_LjoBE_rlgyNyZ9GEP0f6tPlcaLdaOqOkUc1bIn1RAMQthzw==
expires
Thu, 11 Nov 2021 20:55:38 GMT
payslip-scam-email-final-min.png
assets.armorblox.com/f/52352/880x621/0ce5e2a7c1/
107 KB
108 KB
Image
General
Full URL
https://assets.armorblox.com/f/52352/880x621/0ce5e2a7c1/payslip-scam-email-final-min.png
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8f5663c6c4e7908285f4443950bde8c7f3b2c1a9161e33d900d31c5187ec97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified
Wed, 11 Nov 2020 21:00:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"183c7c489659b4fa8e3a9ffb0c66c0dc"
x-cache
Miss from cloudfront
x-amz-version-id
zy8pYRuPJ.1x397vUrmj8KKR70vTzTO2
cache-control
public; max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
109914
x-amz-cf-id
dyHKexzN3w8yK05jIrXsD332lWcLRFk5RqO5egr0xYHSTJ5HSLMmwg==
expires
Thu, 11 Nov 2021 21:00:28 GMT
payslip-scam-lp-final-min.png
assets.armorblox.com/f/52352/416x398/1b1a9b321e/
41 KB
41 KB
Image
General
Full URL
https://assets.armorblox.com/f/52352/416x398/1b1a9b321e/payslip-scam-lp-final-min.png
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00c607128729be1872e72d7fe7ffc30555fbef9145d5606129f2bde384180fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified
Wed, 11 Nov 2020 21:02:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"ebbe2f9c4c47d5a3f1160d0571127f62"
x-cache
Miss from cloudfront
x-amz-version-id
020WfkymzOVEhepyMP0qt4eZW1UpgOn0
cache-control
public; max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
41567
x-amz-cf-id
zK8D4DPh2TzPX_IGyIwsu0qJtet9ZhVFRDwSzofBuiPcZpr0yqKZIA==
expires
Thu, 11 Nov 2021 21:02:25 GMT
microsoft-teams-phishing-attack-flow-min.png
assets.armorblox.com/f/52352/930x524/4a894f318d/
270 KB
271 KB
Image
General
Full URL
https://assets.armorblox.com/f/52352/930x524/4a894f318d/microsoft-teams-phishing-attack-flow-min.png
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
108c7a90124577dd7e309c7bbc98c844814f32e57911ee670d76505a1dac6808

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified
Wed, 11 Nov 2020 21:18:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"0d91a3e6a04a7faf6cceb565a5c503bb"
x-cache
Miss from cloudfront
x-amz-version-id
S0pcb1UhKIJSdr_bAtCvWe5chW9tfJL5
cache-control
public; max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
276913
x-amz-cf-id
OqsF6V0e-tMvE3UjX0z2X1NoxSgI7S5S_8W46j9Jf0GdbI7QSfmeVQ==
expires
Thu, 11 Nov 2021 21:18:42 GMT
WKuTtLhVNw_ibTCgOhyfnAsYG57ZWVjM80VHOjGmv0jvSbxE0CeK6VMUR7tEBHZIVefI1DOuUkT4DG1BhKYJs9hdrycat0j2BaYkQTmMU5W8h7SQTinKUm9d-5WyY7I9DHTIydJb
lh5.googleusercontent.com/
0
0
Image
General
Full URL
https://lh5.googleusercontent.com/WKuTtLhVNw_ibTCgOhyfnAsYG57ZWVjM80VHOjGmv0jvSbxE0CeK6VMUR7tEBHZIVefI1DOuUkT4DG1BhKYJs9hdrycat0j2BaYkQTmMU5W8h7SQTinKUm9d-5WyY7I9DHTIydJb
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

youtube.svg
assets.armorblox.com/f/52352/x/7453252d4c/
704 B
1 KB
Image
General
Full URL
https://assets.armorblox.com/f/52352/x/7453252d4c/youtube.svg
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b6f9abbe03119dc36e88acddcb8e50d8522352723c5fd5f1e6c0c3426b4ff5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
lbRkzmHrb2xeGv_ziOr8RkpI_LZPvXwB
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
etag
"657583ff2e768183a5fb64fb0b9e7d2f"
x-amz-cf-pop
FRA60-P2
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
704
last-modified
Thu, 24 Jun 2021 18:08:06 GMT
server
AmazonS3
date
Fri, 16 Sep 2022 05:00:19 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public; max-age=31536000
accept-ranges
bytes
x-amz-cf-id
pneZvW-Kz5VkQSzfFia2Moabijq-AiWZIuF0ZfRizKMeF2M8KSf43Q==
expires
Fri, 24 Jun 2022 18:08:05 GMT
linkedin.svg
assets.armorblox.com/f/52352/x/155bd1c707/
812 B
1 KB
Image
General
Full URL
https://assets.armorblox.com/f/52352/x/155bd1c707/linkedin.svg
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b75d669453c5377eebafda19b9ae0b4583853a06a5ba817fad8174adacf7fe69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
XsESDOX82cYk.RLqQtoILFecu6jiFmP.
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
etag
"21ef1437b68ac009fef5345d7e32ab29"
x-amz-cf-pop
FRA60-P2
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
812
last-modified
Thu, 24 Jun 2021 18:07:38 GMT
server
AmazonS3
date
Fri, 16 Sep 2022 05:00:19 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public; max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Yk8qHR5d1lBABxA0NMpXNTMrhPkuVAWTgKeXD4pmfVjQ4suxp0ADkg==
expires
Fri, 24 Jun 2022 18:07:37 GMT
facebook.svg
assets.armorblox.com/f/52352/x/64fd04f4ec/
534 B
1007 B
Image
General
Full URL
https://assets.armorblox.com/f/52352/x/64fd04f4ec/facebook.svg
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
132e0a9dd6275c5353db596f5fec132a5120ff9ad39ab3d27eb4e7ad2b7f9a26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
qiC.VGaumdHq7VFjbEBar5PwE9WXg5jm
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
etag
"49954fbdf18ba81327981eab1758dc55"
x-amz-cf-pop
FRA60-P2
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
534
last-modified
Tue, 29 Jun 2021 00:30:31 GMT
server
AmazonS3
date
Fri, 16 Sep 2022 05:00:19 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public; max-age=31536000
accept-ranges
bytes
x-amz-cf-id
CmUhOYnSOql2HCLcd6ByKle6f-kf46a3Bgtr09ShV-ZA3EmQGDRSKA==
expires
Wed, 29 Jun 2022 00:30:30 GMT
twitter.svg
assets.armorblox.com/f/52352/x/e0446ad765/
963 B
1 KB
Image
General
Full URL
https://assets.armorblox.com/f/52352/x/e0446ad765/twitter.svg
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7001ada63b35c370c5c207ef8c85d0ae5bd79c826599f1d2bc36de67a6531ea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
NfDoMuB.euKHPI_VkVpl9j.6PBlb08gC
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
etag
"a289a62d76fd458b5967482c532773c9"
x-amz-cf-pop
FRA60-P2
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
963
last-modified
Thu, 24 Jun 2021 17:59:33 GMT
server
AmazonS3
date
Fri, 16 Sep 2022 05:00:19 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public; max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DQIFRbGLzpgtzltAtVyzA2-2xQEXCUAZpQjYaPEN2MVNiCrbAonIYg==
expires
Fri, 24 Jun 2022 17:59:31 GMT
7f7cd6ac-ebaf-475e-ab1e-e0e05d364990.json
cdn.cookielaw.org/consent/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990/
215 B
574 B
XHR
General
Full URL
https://cdn.cookielaw.org/consent/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7477d20f89c10a61f2d0c92d1bf41159498bd496589e2eabd1d1eb97739ded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
26ce1a61-901e-007a-7189-c9b2ab000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
74b709a2e8dd9c01-FRA
expires
Fri, 16 Sep 2022 09:00:17 GMT
gtm.js
www.googletagmanager.com/
232 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b864ca3960570c7af9b02965b72c84469d288b5cfb03bc1bdcd38e9ce919b06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82228
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Sep 2022 05:00:17 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04f9098825e7c5644552ed96fd1e01bba9bd0c074784d085108ffcc889c06f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
341 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5571f1943dcc57dfed00e9e8c9bcd1588d1b9eccceb9c9472219167cdad0e933

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47d0606aac29b8e5df0845350e3fec479cc51387efb7fef9b3c7bb181b8c7a1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 20:23:36 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=17388
accept-ranges
bytes
content-length
3063
optimize.js
www.google-analytics.com/gtm/
105 KB
41 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-P34TZX3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02d4adff4fd8e99ac15f17a549dee5c6edd0af25cdb48e20ef5f6ae28bd3d782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41624
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Sep 2022 05:00:18 GMT
conversion_async.js
www.googleadservices.com/pagead/
41 KB
16 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15697
x-xss-protection
0
server
cafe
etag
1764007376392519731
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Sep 2022 05:00:18 GMT
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.148.88 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-148-88.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fe62ffc3dd7627c8b0d34b70fe45c7b14dd38c89c66cca13b2e4c71360e42e91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 05:00:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Aug 2022 21:55:11 GMT
Server
AkamaiNetStorage
ETag
"652cf747f68f64e15276c347eb3aef37:1661464511.126488"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
740
bizible.js
cdn.bizible.com/scripts/
83 KB
32 KB
Script
General
Full URL
https://cdn.bizible.com/scripts/bizible.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) /
Resource Hash
4120c62c25cd2f9d7f5155aaf84f772c08e18dd1be19e39ed0d866d3916bedce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
content-encoding
gzip
last-modified
Tue, 13 Sep 2022 18:50:46 GMT
server
ECS (frb/67D4)
age
27920
etag
"35b83dbca1c7d81:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
32316
ikk2zzg7t3aw.js
js.driftt.com/include/1663304700000/
214 KB
61 KB
Script
General
Full URL
https://js.driftt.com/include/1663304700000/ikk2zzg7t3aw.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-64.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
230cef17f8b019c9e5987e1966b3e131c21fa794a0d76b3a4a712fa849dbee58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
via
1.1 10a35db7a5db275f537a340dc439408c.cloudfront.net (CloudFront), 1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4, VIE50-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 13 Sep 2022 21:04:17 GMT
server
nginx
etag
W/"7fcb1454db860e57f83119b09d3fdb80"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
N6U5KL_Z1eVcggYSKxAOUng14z.yWLni
access-control-allow-origin
*
cache-control
max-age=10
access-control-allow-credentials
true, true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
4Ze1KByJSQoqlKt-JpsdkwpvLmRr-cdJgoc4yJ4N2qjPOldHiltnNw==
lp.js
metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/
6 KB
6 KB
Script
General
Full URL
https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
da5d487f1fe8c4f5bba93bab0b071aed1249cf770ffdbc0144a86a4c2bae3c2c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
last-modified
Fri, 10 Dec 2021 19:19:18 GMT
x-amz-request-id
tx0000000000000a5342aaf-00631fb4f1-3ade2f46-sfo2a
etag
"b407e44b8c40c183ae2c50df3bbcf151"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1663304418.dop163.fr8.t,1663304418.cds010.fr8.hn,1663304418.cds270.fr8.c
content-type
application/x-javascript
cache-control
max-age=322703
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
content-length
5673
associate-segment
segment.prod.bidr.io/
Redirect Chain
  • https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=
  • https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1
43 B
793 B
Image
General
Full URL
https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
HTTP/1.1
Server
52.30.214.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-214-212.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 16 Sep 2022 05:00:18 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://segment.prod.bidr.io/associate-segment?buzz_key=metadata&segment_key=metadata-90&value=&_bee_ppp=1
Date
Fri, 16 Sep 2022 05:00:18 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
p.css
p.typekit.net/
5 B
195 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=jvs4ixc&ht=tk&f=17001.17005.22622.22658&a=85898256&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Fri, 16 Sep 2022 05:00:18 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663304418036&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1814324%26time%3D1663304418036%26url%3Dhttps%253A%252F%252Fwww.armorblox.com%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663304418036&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663304418036&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&liSync=true&e_ipv6=AQJ87VRqBp3-...
0
263 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663304418036&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&liSync=true&e_ipv6=AQJ87VRqBp3-mgAAAYNEq0XZO1I-jpnNJeUQSQLaDwbVQAedpb2vusuqvr50Z54bIVHqjow
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 84C77E9D8B7F4048920855F086369249 Ref B: FRAEDGE1118 Ref C: 2022-09-16T05:00:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXoxD0NPBk21sWmBmpsyQ==
x-li-fabric
prod-lva1

Redirect headers

date
Fri, 16 Sep 2022 05:00:18 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 8F13606CB99B462C845E94CE6601874F Ref B: FRAEDGE1220 Ref C: 2022-09-16T05:00:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1814324&time=1663304418036&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&liSync=true&e_ipv6=AQJ87VRqBp3-mgAAAYNEq0XZO1I-jpnNJeUQSQLaDwbVQAedpb2vusuqvr50Z54bIVHqjow
x-li-proto
http/2
content-length
0
x-li-uuid
AAXoxD0Is1cGEsLfG4h1fA==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7098
date
Fri, 16 Sep 2022 03:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 16 Sep 2022 05:02:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/?random=1663304418098&cv=9&fst=1663304418098&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&tiba=OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign&auid=1957819327.1663304418&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
407e328b15c4137f16f348f1f4834686ab2fd5efbadad679ea5f5acf2fe8e7e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-103936869-1&cid=1680615704.1663304418&jid=1358305562&gjid=1504158083&_gid=449975977.1663304418&_u=YGBAiEABRAAAAE~&z=8735508
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.armorblox.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 16 Sep 2022 05:00:18 GMT
content-type
text/plain
access-control-allow-origin
https://www.armorblox.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1264165995&t=pageview&_s=1&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&ul=en-us&de=UTF-8&dt=OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABR~&jid=1358305562&gjid=1504158083&cid=1680615704.1663304418&tid=UA-103936869-1&_gid=449975977.1663304418&gtm=2wg9e05DM95KB&z=834258354
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 19:20:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34769
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
l
use.typekit.net/af/3ec29d/00000000000000007735a1b1/30/
46 KB
47 KB
Font
General
Full URL
https://use.typekit.net/af/3ec29d/00000000000000007735a1b1/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
276ce26603da0a4bf9d16f692e149734aa6a26eb4e56885938cd8c5582c6d423

Request headers

Referer
https://use.typekit.net/jvs4ixc.css
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
server
nginx
etag
"3a10c5262b240475e5bca5e7da48ec50b8a32efc"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47364
l
use.typekit.net/af/5d2da8/00000000000000007735a1ac/30/
48 KB
48 KB
Font
General
Full URL
https://use.typekit.net/af/5d2da8/00000000000000007735a1ac/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3cb45867ace25baa1d6bcd56d05739fa8733cbadd9959fb33c2c038037a8742d

Request headers

Referer
https://use.typekit.net/jvs4ixc.css
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
server
nginx
etag
"c8259a14b519552d38e884fd3c99e38df688eca8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
48668
l
use.typekit.net/af/d9e6fa/00000000000000007735a1c3/30/
43 KB
43 KB
Font
General
Full URL
https://use.typekit.net/af/d9e6fa/00000000000000007735a1c3/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/jvs4ixc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d3629679a7b8c5d0d6af84a5aca6ef0e8fb7f966b39c6a64cd584dbeef2ca5ce

Request headers

Referer
https://use.typekit.net/jvs4ixc.css
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
server
nginx
etag
"deedb6e32ad5c2c4c06c04c78a4e7af1ce7e86a4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
43648
logo_color.svg
assets.armorblox.com/f/52352/775x159/8fa6246e47/
5 KB
2 KB
Image
General
Full URL
https://assets.armorblox.com/f/52352/775x159/8fa6246e47/logo_color.svg
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0b8a9530fe420d782e19330e0f0efa1063be86f3ddb516908afcd3ae653ac5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
mz7FuZyYU2Vi0U2XIKm7_i5TkImigldk
content-encoding
gzip
last-modified
Tue, 22 Jan 2019 17:30:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"bd9097047e005ccf1fd3c513042585c6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
cache-control
public; max-age=31536000
date
Fri, 16 Sep 2022 05:00:19 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-id
FOnGipinaaUMbot40NmxlrmfmlLWlsfL4YkXNEe8tRjeXa7mH96ZOA==
expires
Wed, 22 Jan 2020 17:30:47 GMT
arjun_sambamoorthy.png
assets.armorblox.com/f/52352/1500x1512/d107f64180/
1 MB
1 MB
Image
General
Full URL
https://assets.armorblox.com/f/52352/1500x1512/d107f64180/arjun_sambamoorthy.png
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:f:71f1:7280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03998ea27760c02bcbd4e6d8c15fefa7f660941c26d05ee457320ed0d0337e83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified
Tue, 29 Oct 2019 20:16:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"a7cd2c770764d70823c15cc72fd09146"
x-cache
Miss from cloudfront
x-amz-version-id
Z0P94DV51LT5wnHPhgACrIzJbORoRcsp
cache-control
public; max-age=31536000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
1257670
x-amz-cf-id
DcvAdiFcF0tcY-rkTRHdwRLHpx87KA4ec8PwEsqgMT_rz8oK61Km8Q==
expires
Wed, 28 Oct 2020 20:16:23 GMT
munchkin.js
munchkin.marketo.net/162/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/162/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.148.88 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-148-88.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 05:00:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Jul 2022 00:59:12 GMT
Server
AkamaiNetStorage
ETag
"75daf56f6191efe42577301908659c29:1656637152.894482"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4677
Expires
Sun, 25 Dec 2022 05:00:18 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-103936869-1&cid=1680615704.1663304418&jid=1358305562&_u=YGBAiEABRAAAAE~&z=919365855
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-103936869-1&cid=1680615704.1663304418&jid=1358305562&_u=YGBAiEABRAAAAE~&z=919365855
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ipv
cdn.bizible.com/m/
43 B
304 B
Image
General
Full URL
https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=dfa33913b178491391cfcfd6e2bcf80c&_biz_s=32fde0&_biz_l=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&_biz_t=1663304418531&_biz_i=OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign&_biz_n=0&rnd=594082&cdn_o=a&_biz_z=1663304418532
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:18 GMT
last-modified
Wed, 14 Sep 2022 14:12:01 GMT
server
ECS (frb/6760)
age
139697
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store
accept-ranges
bytes
content-type
Image/GIF
content-length
43
expires
-1
u
cdn.bizibly.com/
43 B
202 B
Image
General
Full URL
https://cdn.bizibly.com/u?_biz_u=dfa33913b178491391cfcfd6e2bcf80c&_biz_s=32fde0&_biz_l=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&_biz_t=1663304418534&_biz_i=OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign&rnd=827726&cdn_o=a&_biz_z=1663304418534
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:18 GMT
last-modified
Thu, 15 Sep 2022 23:58:30 GMT
server
ECS (frb/67C2)
age
18108
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store
accept-ranges
bytes
content-type
Image/GIF
content-length
43
expires
-1
forms2.min.js
app-sj27.marketo.com/js/forms2/js/
208 KB
69 KB
Script
General
Full URL
https://app-sj27.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/cb2850d0e5c937a7e805dcf7085da3aca12fa612-b87894f87a8241fd9dbb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sat, 27 Aug 2022 04:27:51 GMT
server
cloudflare
age
3136
etag
"25e05e2-33e56-5e731742b0ec1"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
74b709a95cab6903-FRA
expires
Fri, 16 Sep 2022 09:00:18 GMT
stories
api.storyblok.com/v1/cdn/
58 KB
18 KB
XHR
General
Full URL
https://api.storyblok.com/v1/cdn/stories?token=Qd69ZOZO6sHj2uVQzEsu3gtt&by_uuids=84a79463-6a95-4100-a8d2-1f949eb5d3c9,f673115e-dd13-4409-9ba6-bc1025704c0b,3caf4d37-11ca-4ced-b708-5d72d2b5388a,bb1bb925-f90d-4afd-9e42-ba46883b8ece,febdba3d-c7a4-42fc-af8c-091f0c5c6d70,74e883d8-c3dc-4d5a-83b4-89544af3c7c0
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-107.fra60.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
b479d1ebea37a435984cca0dfcf6c5c98a2738de1059a4676adc02289ada0686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.armorblox.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

total
6
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
577449
x-cache
Hit from cloudfront
per-page
25
x-xss-protection
1; mode=block
x-request-id
ebeda597-12b2-4096-bc07-228efc21db8b
x-runtime
0.034462
access-control-allow-origin
https://www.armorblox.com
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.18.0
x-frame-options
SAMEORIGIN
date
Fri, 16 Sep 2022 05:00:18 GMT
x-download-options
noopen
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=utf-8
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
access-control-expose-headers
Api-Version, Token, Total, Per-Page
cache-control
max-age=0, public, s-maxage=604800
access-control-allow-credentials
true
etag
W/"b479d1ebea37a435984cca0dfcf6c5c9"
access-control-max-age
7200
x-amz-cf-pop
FRA60-P1
link
x-amz-cf-id
Hewqq4pc_pnzhHFHXa3YJCQ7rfDV9MSU9AAWZa5eiOQNkVn0cS6rFQ==
/
www.google.com/pagead/1p-user-list/726574466/
42 B
154 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/726574466/?random=1663304418098&cv=9&fst=1663304400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&tiba=OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign&async=1&fmt=3&is_vtc=1&random=838980902&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/726574466/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/726574466/?random=1663304418098&cv=9&fst=1663304400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&tiba=OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign&async=1&fmt=3&is_vtc=1&random=838980902&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
page-data.json
www.armorblox.com/page-data/blog/
0
6 KB
Other
General
Full URL
https://www.armorblox.com/page-data/blog/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APH93P5ED3S1TJ1TQY5KM
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
9748
etag
"93e378674244b50145d530929bf27a92-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 02:17:50 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
5449
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/industries/financial-services-email-security/
0
11 KB
Other
General
Full URL
https://www.armorblox.com/page-data/industries/financial-services-email-security/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APH94XN4KQWY5BFAACPT1
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"752a4f76a8c8be6ec6bd1c268838efcc-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/blog/authors/arjun-sambamoorthy/
0
5 KB
Other
General
Full URL
https://www.armorblox.com/page-data/blog/authors/arjun-sambamoorthy/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APH94NCFDXZT41YZCPMYC
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"c72f9004d4a2087cd8af91245852e64a-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/
0
11 KB
Other
General
Full URL
https://www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APH94J9JHZAEMEFEVKNE5
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"5411a8413360ef760775c56e4d39463f-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/business-email-compromise/
0
11 KB
Other
General
Full URL
https://www.armorblox.com/page-data/solutions/business-email-compromise/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APH94WS25MX3BQNJ0M5NA
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"19b823b1ca4a078af703281aac9ed19e-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/google/
0
9 KB
Other
General
Full URL
https://www.armorblox.com/page-data/solutions/google/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APH94GDY8W6812RB31YTW
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"210096b8cb8a11a5f85dc7b0e12317fa-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/executive-impersonation/
0
12 KB
Other
General
Full URL
https://www.armorblox.com/page-data/solutions/executive-impersonation/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APH94HW56ZCB73ZPKDQ23
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"1e0201d8228407712beb8cac83d7b257-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/email-account-compromise/
0
11 KB
Other
General
Full URL
https://www.armorblox.com/page-data/solutions/email-account-compromise/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APH946645C9EB0FZ2DG2Y
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"611164b4f3e5f6c850cc0a1295c23fa8-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/industries/education-industry-email-security/
0
11 KB
Other
General
Full URL
https://www.armorblox.com/page-data/industries/education-industry-email-security/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APH97FBZA62BBH82F90TS
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"2102beee383b11bd12978dc7c98dc894-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/customers/
0
10 KB
Other
General
Full URL
https://www.armorblox.com/page-data/customers/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APH97Y4M5WG1J4QSWCXX6
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"33732a69e3b24b65c6b0c8066b8ac897-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/
0
9 KB
Other
General
Full URL
https://www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHAEA43H9TQJK1ZHG6N7
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"7adfe3816bedb0f2c778181f307eaf39-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/microsoft/
0
10 KB
Other
General
Full URL
https://www.armorblox.com/page-data/solutions/microsoft/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHAEECFK7B3QNFW3JS2S
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"bba2c8576f91a1360379ac962b5db331-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/industries/healthcare-email-security/
0
11 KB
Other
General
Full URL
https://www.armorblox.com/page-data/industries/healthcare-email-security/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHAEYB4KFCFYQ34QZKP6
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"829212c216ea1ae673a0a4135f797829-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/index/
0
10 KB
Other
General
Full URL
https://www.armorblox.com/page-data/index/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHAE1WDPK98FQV6NMB2N
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
9748
etag
"60b3ad9d242a39c1f564a9c2a3287bb7-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 02:17:50 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
10292
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/data-loss-prevention/
0
11 KB
Other
General
Full URL
https://www.armorblox.com/page-data/solutions/data-loss-prevention/page-data.json
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.armorblox.com/
Origin
https://www.armorblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHAE84TEPN03RC4QN0QV
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"100732a4b702cab4e7f75c001dc7bb97-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
visitWebPage
176-xmj-030.mktoresp.com/webevents/
2 B
318 B
Ping
General
Full URL
https://176-xmj-030.mktoresp.com/webevents/visitWebPage?_mchNc=1663304418613&_mchCn=&_mchId=176-XMJ-030&_mchTk=_mch-armorblox.com-1663304418613-47299&_mchHo=www.armorblox.com&_mchPo=&_mchRu=%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 05:00:19 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
9f68ec8e-a5e8-42b5-b7d6-25d9a5ff5ad0
6si.min.js
j.6sc.co/
30 KB
10 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b71f76186117ab510aca8eb8208815da837acdd4b29e171c9897993175c28878
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Aug 2022 22:26:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"630402a0-786e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
9594
expires
Fri, 16 Sep 2022 05:00:18 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726574466/?random=1663304418627&cv=9&fst=1663304418627&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&tiba=OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign&auid=1957819327.1663304418&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49ee992f0cfcb5a8e831090f9b7ea63b0da1d6bcb04ca84243c19eee51097c3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1055
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46c2253a990373efcab1c600a6e1c731e5a971b0eecb0358ae53d1fbd7e16ada
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26872
x-xss-protection
0
pragma
public
x-fb-debug
1ADybhgGh8HTh5C+ozRbsh2z3DAKGrDSTdc9xGWm3gGBMa9dwjsTna8FU81BjQpFtugtF/LAGkKbpDGbF7fI+w==
x-fb-trip-id
2071890597
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ha-analytics.js
analytics.humanautomation.ai/
61 KB
20 KB
Script
General
Full URL
https://analytics.humanautomation.ai/ha-analytics.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.246.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-246-234.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d3383dd19ed9aad4099c7b406339e82c23385d4d015eba91ec048bbdb8051f25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 02:06:25 GMT
server
nginx/1.20.0
etag
"f3dd-5e80cc28faa40-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
20312
ha-analytics-form-tracking.min.js
analytics.humanautomation.ai/
10 KB
3 KB
Script
General
Full URL
https://analytics.humanautomation.ai/ha-analytics-form-tracking.min.js?v=1663304418629
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.246.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-246-234.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
376c16c0f5598f8c744c19291f060232fd0bfa3cd685e7bdbedb5bd1d5779c56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 02:06:25 GMT
server
nginx/1.20.0
etag
"2993-5e80cc28faa40-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3273
4MreV1Ai7H5ui5ARpnnT
ws.zoominfo.com/pixel/
3 KB
2 KB
Script
General
Full URL
https://ws.zoominfo.com/pixel/4MreV1Ai7H5ui5ARpnnT
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7dc1adaf7e84ba05d0037c1a33c1a63f6652b009a251d716b6b4ebf07e78d4b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
74b709a94aacbb8b-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
via
1.1 google
iframe_api
www.youtube.com/
992 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DM95KB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad4233d382a13f75eca9f55dbce03b0cc519d92dc9f809cd39621f028071fdfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 16 Sep 2022 05:00:18 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1264165995&t=pageview&_s=1&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&ul=en-us&de=UTF-8&dt=OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABRAAAAE~&jid=&gjid=&cid=1680615704.1663304418&tid=UA-103936869-1&_gid=449975977.1663304418&gtm=2wg9e05DM95KB&z=1941098219
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 19:20:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34769
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/track/pxl/
70 B
261 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=pzpbnk3&ct=0:cg0zq4c&fmt=3
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/pxl/
70 B
260 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=pzpbnk3&ct=0:g19hf38&fmt=3
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xdc.js
cdn.bizible.com/
116 B
524 B
Script
General
Full URL
https://cdn.bizible.com/xdc.js?_biz_u=dfa33913b178491391cfcfd6e2bcf80c&_biz_h=-1906410348&cdn_o=a&jsVer=4.22.08.11
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
5b0d34c83943b7b8cbe280fb0b888fc233a1b44f865767282eddd8c5264c4624

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
content-encoding
gzip
server
ECS (frb/6711)
etag
9B53F531
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
private, must-revalidate, max-age=21600
content-type
text/javascript; charset=utf-8
content-length
217
page-data.json
www.armorblox.com/page-data/blog/
20 KB
5 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/blog/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
162e18544f336f5335835730a3d017b65749cda68d94de3efafe10d679fa72a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHBK0X6BN8DWPX0CZ7GA
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
9748
etag
"93e378674244b50145d530929bf27a92-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 02:17:50 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
5449
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/index/
43 KB
10 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/index/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
ffedecaa5ea039ffbdc1cc9d651a4856e08a9f2bbd9e2a5dccefc7cd38e42226
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHBYMHFGDW6TEHRQ48D6
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
9748
etag
"60b3ad9d242a39c1f564a9c2a3287bb7-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 02:17:50 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
10292
x-xss-protection
1; mode=block
component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js
www.armorblox.com/
0
731 B
Other
General
Full URL
https://www.armorblox.com/component---src-templates-storyblok-entry-js-b338d741921adbdc0403.js
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/app-2759e81c69034ed02618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHD2WQJ61V6B98B7CWQ4
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
13362
etag
"2d0811591db3318cce645b6711f1a16e-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 01:17:36 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
584
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/
38 KB
11 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/solutions/abuse-mailbox-remediation/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
7affec8282a03eb4eb47780a46e9d8c7f2f5603cfe6be321dd064d03ac60eef3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHE9QBF34JGPVR937VM3
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"5411a8413360ef760775c56e4d39463f-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
10842
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/email-account-compromise/
40 KB
11 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/solutions/email-account-compromise/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e046beb1e5af3b7941fe46f8a42016dfa89157e68b398da5bb61d49b6eb47bdc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHE9CYJ122TN4BD7A4VD
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"611164b4f3e5f6c850cc0a1295c23fa8-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
11435
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/business-email-compromise/
42 KB
11 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/solutions/business-email-compromise/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
df26a4efbeab7bdc6099663f5762fe2b6c6fd53230064e7503104e3a9582fc37
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHEA0C5X8XNSB9NFPHB4
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"19b823b1ca4a078af703281aac9ed19e-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
11675
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/google/
37 KB
9 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/solutions/google/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
dc993be385b63c746e962cc42adb2ba08a67c3c5eafbd08b28014e105aa8c2d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHEAH22EMWTVXEEMR9RM
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"210096b8cb8a11a5f85dc7b0e12317fa-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
9436
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/industries/education-industry-email-security/
41 KB
11 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/industries/education-industry-email-security/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
ab4f468b462952c0b24e589333f2b18cb4ff05177c3d9353d24e8f44d519d2b3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHEA97TRRQ46TAFBNFG9
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"2102beee383b11bd12978dc7c98dc894-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
11288
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/industries/financial-services-email-security/
39 KB
11 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/industries/financial-services-email-security/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
93a805e1e77c07570d61dda3ff689dcf2a205ee1452de272d4a2d17e29c352ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHEATANFHPBC7SEQ23WR
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"752a4f76a8c8be6ec6bd1c268838efcc-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
10903
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/customers/
41 KB
10 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/customers/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
1b65327fc362f0ec64cb20e092726e717ac73312ffaa3b792c7c49b62bf3fecc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHEBJZ9HEXSCX1TEXMMA
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"33732a69e3b24b65c6b0c8066b8ac897-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
10408
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/
38 KB
9 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/solutions/secure-email-gateway-augmentation/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
c196eda385cab60127300efb93c6ee115a48025ede63f48cdd7c7e2a93f27966
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHFBF5X0YX6M7JND03E7
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"7adfe3816bedb0f2c778181f307eaf39-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
9523
x-xss-protection
1; mode=block
getuidj
secure.adnxs.com/
11 B
701 B
XHR
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 05:00:18 GMT
X-Proxy-Origin
80.255.7.106; 80.255.7.106; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
7a8dd4ee-bfec-4f2c-847a-f3e8140f1649
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.armorblox.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/
7 B
204 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:18 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://www.armorblox.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
page-data.json
www.armorblox.com/page-data/blog/authors/arjun-sambamoorthy/
19 KB
5 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/blog/authors/arjun-sambamoorthy/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
10318c5fd4eaf7f569ad17546ef3fe4a2c2497142591bf3927ef713572784907
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHGKGKMEW07NNXWNC9FY
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"c72f9004d4a2087cd8af91245852e64a-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
5066
x-xss-protection
1; mode=block
www-widgetapi.js
www.youtube.com/s/player/f6383696/www-widgetapi.vflset/
161 KB
52 KB
Script
General
Full URL
https://www.youtube.com/s/player/f6383696/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8ebe7e0bd9830e60f63e57b072cee5ca24937f47519da3176809aa0b697bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
3170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53518
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 00:18:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Sep 2023 04:07:28 GMT
page-data.json
www.armorblox.com/page-data/industries/healthcare-email-security/
39 KB
11 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/industries/healthcare-email-security/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
42fc1ae55974f761daff6f271095d76b4ebdd16b9c7562960ee5bea66e8ae60c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHGKZAV2WV3S8HXBC1V6
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"829212c216ea1ae673a0a4135f797829-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
10898
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/microsoft/
40 KB
10 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/solutions/microsoft/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
fc1e1b414a41e1039d0995863c848978cead85dd93713dedde86a5f4036f046c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHGV5XTY79XZAJW8TGEQ
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"bba2c8576f91a1360379ac962b5db331-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
9819
x-xss-protection
1; mode=block
page-data.json
www.armorblox.com/page-data/solutions/data-loss-prevention/
42 KB
11 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/solutions/data-loss-prevention/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
d42b61b91e910fd6515346f7dd2f09542a3fd2cb080e14ea1a737c414abeb085
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHGXBNFWVJAZ9JTK7QDJ
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"100732a4b702cab4e7f75c001dc7bb97-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
11483
x-xss-protection
1; mode=block
212326003800453
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/212326003800453?v=2.9.81&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
809db6c849488a111554cadd2cf358db4a820e9d908208250be6d155c2aacda2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
KcyyyhrzVIW0HDV73KY6mflbzN1cYufPBek58CgLoNVuBxJHiV6/8iTudJWSlFJ+KWm9x00IL+Mm545fdymq8A==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 16 Sep 2022 05:00:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
getForm
app-sj27.marketo.com/index.php/form/
3 KB
2 KB
Script
General
Full URL
https://app-sj27.marketo.com/index.php/form/getForm?munchkinId=176-XMJ-030&form=1082&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&callback=jQuery112409829201671840764_1663304418866&_=1663304418867
Requested by
Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4594b7b627debade36799c6d367e2a88ca9f3021dc31bda05fbf0c7cc5a98879

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-form-service-request-id
13789#18344ab47fd
x-marketo-source
Form Service
cf-ray
74b709aa1e1c6903-FRA
cached
false
/
www.google.com/pagead/1p-user-list/726574466/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/726574466/?random=1663304418627&cv=9&fst=1663304400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&tiba=OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign&async=1&fmt=3&is_vtc=1&random=2017145578&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/726574466/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/726574466/?random=1663304418627&cv=9&fst=1663304400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&tiba=OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign&async=1&fmt=3&is_vtc=1&random=2017145578&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
data.js
tags.clickagy.com/
38 KB
14 KB
Script
General
Full URL
https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by
Host: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/4MreV1Ai7H5ui5ARpnnT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b05f32b262a8ddfa4c0322b0b4b376258b7996177b98d5a1e2b4585d20cba27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
2874
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id
voLTTawX.GcVEDQiIRYzY2txm8P5Ii8i
last-modified
Fri, 16 Sep 2022 04:12:14 GMT
server
cloudflare
etag
W/"9d3ea74a65932cc93f95029e15978232"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c0e5f870deac34f99f746174f65a2880.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C2
cf-ray
74b709aaff63913d-FRA
x-amz-cf-id
RTUNKM2p1XC7Wmcgzf_sunfsa2cXz6iftbCywnObPio6JuCQXxG5xw==
page-data.json
www.armorblox.com/page-data/solutions/executive-impersonation/
43 KB
12 KB
XHR
General
Full URL
https://www.armorblox.com/page-data/solutions/executive-impersonation/page-data.json
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
2506da391f7bf08d8933cbf783cca162d930429b131903dfdc1bb198a60a821e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nf-request-id
01GD2APHMAGRWY3NT2TEG4P1NJ
content-security-policy
frame-ancestors 'none'
content-encoding
br
server
Netlify
age
0
etag
"1e0201d8228407712beb8cac83d7b257-ssl-df"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, must-revalidate
date
Fri, 16 Sep 2022 05:00:18 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
12004
x-xss-protection
1; mode=block
details
epsilon.6sense.com/v3/company/
432 B
422 B
XHR
General
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.117.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-117-7.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0f59d5c868e402889413977cbaee2081200530156aecda98613919f160268d0f

Request headers

Authorization
Token feeee1c1b8e5fdaa6744704973e2bdfb76df296b
Referer
https://www.armorblox.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.armorblox.com
access-control-allow-credentials
true
content-length
235
details
epsilon.6sense.com/v3/company/ Frame
0
0
Preflight
General
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.117.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-117-7.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.armorblox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://www.armorblox.com
access-control-max-age
1800
date
Fri, 16 Sep 2022 05:00:19 GMT
server
nginx
img.gif
b.6sc.co/v1/beacon/
43 B
493 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=c860ec22-655b-46f5-82e7-e2cf5f8abdff&session=a967fa02-3538-4bf8-8f8d-fb1c87be318e&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2016%20Sep%202022%2005%3A00%3A18%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20the%20Armorblox%20threat%20research%20team%20outlines%20five%20targeted%20phishing%20campaigns%20that%20weaponize%20various%20Google%20services%20during%20their%20attack%20flow.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&pageViewId=78d288c8-caad-467a-8066-45a5b0cd797a&an_uid=0
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
data
aorta.clickagy.com/
57 B
507 B
XHR
General
Full URL
https://aorta.clickagy.com/data
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.244.84 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-244-84.compute-1.amazonaws.com
Software
Aorta/20220915.002ce0217 /
Resource Hash
3c2388c446753ddc7c905f7dec0b6fe060faa20275ab3578be1d9aa6d1699ea8

Request headers

Referer
https://www.armorblox.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
content-encoding
gzip
server
Aorta/20220915.002ce0217
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.armorblox.com
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
8525762a1403
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
82
hasHashes
hemsync.clickagy.com/external/
2 B
328 B
XHR
General
Full URL
https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.79.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-79-220.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
content-encoding
gzip
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.armorblox.com
access-control-expose-headers
content-length, last-modified, expires, content-type
access-control-allow-credentials
true
content-length
28
cm
us-u.openx.net/w/1.0/
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?clkgypv=jstag
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzowMzA4OTYzYTdkOTgwMWE0OWM1ODI1MjY5OWRjZTk4YQ
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEFc2juat6e59FUx4RXoaAGI&google_cver=1
  • https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%25...
43 B
304 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 05:00:19 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 05:00:19 GMT
server
Aorta/20220915.002ce0217
location
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
27964dc98cac
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
711861.gif
id.rlcdn.com/
Redirect Chain
  • https://aorta.clickagy.com/liveramp_redir
  • https://id.rlcdn.com/711861.gif
0
98 B
Image
General
Full URL
https://id.rlcdn.com/711861.gif
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Fri, 16 Sep 2022 05:00:19 GMT
server
Aorta/20220915.002ce0217
location
https://id.rlcdn.com/711861.gif
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
1ed7bb016f80
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=212326003800453&ev=PageView&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&rl=&if=false&ts=1663304419145&sw=1600&sh=1200&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.1.1663304419144.718159326&it=1663304418836&coo=false&rqm=GET
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 16 Sep 2022 05:00:19 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=212326003800453&ev=Microdata&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&rl=&if=false&ts=1663304419647&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign%22%2C%22meta%3Adescription%22%3A%22In%20this%20blog%2C%20the%20Armorblox%20threat%20research%20team%20outlines%20five%20targeted%20phishing%20campaigns%20that%20weaponize%20various%20Google%20services%20during%20their%20attack%20flow.%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F%22%2C%22og%3Atitle%22%3A%22OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign%22%2C%22og%3Adescription%22%3A%22In%20this%20blog%2C%20the%20Armorblox%20threat%20research%20team%20outlines%20five%20targeted%20phishing%20campaigns%20that%20weaponize%20various%20Google%20services%20during%20their%20attack%20flow.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fa.storyblok.com%2Ff%2F52352%2F1688x1125%2F0ba09c5dd3%2Fgoogle-attacks-article-thumbnail.png%22%2C%22twitter%3Atitle%22%3A%22OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign%22%2C%22twitter%3Adescription%22%3A%22In%20this%20blog%2C%20the%20Armorblox%20threat%20research%20team%20outlines%20five%20targeted%20phishing%20campaigns%20that%20weaponize%20various%20Google%20services%20during%20their%20attack%20flow.%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fa.storyblok.com%2Ff%2F52352%2F1688x1125%2F0ba09c5dd3%2Fgoogle-attacks-article-thumbnail.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.81&r=stable&ec=1&o=30&fbp=fb.1.1663304419144.718159326&it=1663304418836&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 16 Sep 2022 05:00:19 GMT
forms2.css
app-sj27.marketo.com/js/forms2/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://app-sj27.marketo.com/js/forms2/css/forms2.css
Requested by
Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5343
vary
Accept-Encoding
content-length
2623
last-modified
Tue, 16 Aug 2022 18:54:37 GMT
server
cloudflare
etag
"1000343-3437-5e66047a81540"
strict-transport-security
max-age=63113904
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
74b709af485f6903-FRA
expires
Fri, 16 Sep 2022 09:00:19 GMT
forms2-theme-simple.css
app-sj27.marketo.com/js/forms2/css/
826 B
331 B
Stylesheet
General
Full URL
https://app-sj27.marketo.com/js/forms2/css/forms2-theme-simple.css
Requested by
Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
185
vary
Accept-Encoding
content-length
242
last-modified
Tue, 16 Aug 2022 18:54:37 GMT
server
cloudflare
etag
"1000341-33a-5e66047a81540"
strict-transport-security
max-age=63113904
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
74b709af48646903-FRA
expires
Fri, 16 Sep 2022 09:00:19 GMT
XDFrame
app-sj27.marketo.com/index.php/form/ Frame 294F
2 KB
862 B
Document
General
Full URL
https://app-sj27.marketo.com/index.php/form/XDFrame
Requested by
Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a0c246d0f89264c120505dc030b7aeb15c8290b4025c27054b7103af03f1a3
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Referer
https://www.armorblox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
74b709afc9686903-FRA
content-encoding
gzip
content-length
652
content-type
text/html; charset=utf-8
date
Fri, 16 Sep 2022 05:00:19 GMT
server
cloudflare
strict-transport-security
max-age=63113904
vary
Accept-Encoding
x-content-type-options
nosniff
img.gif
b.6sc.co/v1/beacon/
43 B
493 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=c860ec22-655b-46f5-82e7-e2cf5f8abdff&session=a967fa02-3538-4bf8-8f8d-fb1c87be318e&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2016%20Sep%202022%2005%3A00%3A19%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2016%20Sep%202022%2005%3A00%3A18%20GMT%22%2C%22timeSpent%22%3A%221014%22%2C%22totalTimeSpent%22%3A%221014%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20the%20Armorblox%20threat%20research%20team%20outlines%20five%20targeted%20phishing%20campaigns%20that%20weaponize%20various%20Google%20services%20during%20their%20attack%20flow.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&pageViewId=78d288c8-caad-467a-8066-45a5b0cd797a&an_uid=0
Requested by
Host: www.armorblox.com
URL: https://www.armorblox.com/blog/ok-google-build-me-a-phishing-campaign/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
forms2.min.js
app-sj27.marketo.com/js/forms2/js/ Frame 294F
208 KB
69 KB
Script
General
Full URL
https://app-sj27.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: app-sj27.marketo.com
URL: https://app-sj27.marketo.com/index.php/form/XDFrame
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-sj27.marketo.com/index.php/form/XDFrame
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sat, 27 Aug 2022 04:27:51 GMT
server
cloudflare
age
3138
etag
"25e05e2-33e56-5e731742b0ec1"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
74b709b13c9d6903-FRA
expires
Fri, 16 Sep 2022 09:00:20 GMT
core
rc-animation-feature.js.driftt.com/ Frame D5EB
2 KB
1 KB
Document
General
Full URL
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1663304700000/ikk2zzg7t3aw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
5ae33e57bc5a938d3f2fc4b51637e72e6355ae0eded11a1ddb3feff9efdb5765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.armorblox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 05:00:20 GMT
etag
W/"e0ba8c4792c65912a0f27752679f2268"
last-modified
Tue, 13 Sep 2022 21:03:45 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-id
JEJgivEqlMK1_E7folTlb71XDJCZq8luddKtrlDHCLyn_004y3HUew==
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
izJFrdH2yNnWzZMQ3OGPAoytmJy4p0X4
x-cache
RefreshHit from cloudfront
chat
rc-animation-feature.js.driftt.com/core/ Frame AB2E
2 KB
1 KB
Document
General
Full URL
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1663304700000/ikk2zzg7t3aw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
5ae33e57bc5a938d3f2fc4b51637e72e6355ae0eded11a1ddb3feff9efdb5765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.armorblox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 05:00:20 GMT
etag
W/"e0ba8c4792c65912a0f27752679f2268"
last-modified
Tue, 13 Sep 2022 21:03:45 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-id
wHkXGDmLML3c0Ysrd_Qd_TDgAVNf2C0fYzr1SrDn61cLq1L4LVbSfA==
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
izJFrdH2yNnWzZMQ3OGPAoytmJy4p0X4
x-cache
RefreshHit from cloudfront
ha-analytics.php
analytics.humanautomation.ai/
0
140 B
Ping
General
Full URL
https://analytics.humanautomation.ai/ha-analytics.php?action_name=OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign&idsite=317&rec=1&r=967249&h=5&m=0&s=20&url=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&_id=ef6ac38a7cbdace2&_idn=0&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=NidySP&pf_net=163&pf_srv=369&pf_tfr=42&pf_dm1=765&pf_dm2=1804
Requested by
Host: analytics.humanautomation.ai
URL: https://analytics.humanautomation.ai/ha-analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.246.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-246-234.compute-1.amazonaws.com
Software
nginx/1.20.0 / PHP/7.4.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.armorblox.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://www.armorblox.com
date
Fri, 16 Sep 2022 05:00:20 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
x-powered-by
PHP/7.4.30
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1264165995&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&ul=en-us&de=UTF-8&dt=OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6sense&ea=6sense%20enrich&el=6sense&_u=aGDAiEABRAAAAE~&jid=&gjid=&cid=1680615704.1663304418&tid=UA-103936869-1&_gid=449975977.1663304418&gtm=2wg9e05DM95KB&cd10=%5Bobject%20Object%5D&cd12=Germany&cd18=&cd19=&cd20=&z=560466468
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 19:20:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34771
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
runtime~main.d8e34284.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
6 KB
3 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
56fb318d507b410407f0dd2ca73008a6be177111b64e3980fd845870d392756b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
Origin
https://rc-animation-feature.js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 21:04:12 GMT
server
nginx
etag
W/"6a378099d695e018c52e103c6bef3506"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
NqbipGbj6ABaLzielWSrKtKayfSJGdA5
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
xcmVyaxletILmnwCMTV6whth2R_Bw81jJBuufpx5k8EjXj2v9mxF3w==
8.611ead2e.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
35 KB
13 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/8.611ead2e.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
Origin
https://rc-animation-feature.js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:44 GMT
server
nginx
etag
W/"6aa29962f34a8e117268142c7cc1cc3d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
6f1FIohAqUAI6bGJMaZ6XE7Cqe0BewlM
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9nlYQvB49g0Guc1yxDEe6ea_bZj6MpOESPLw9NlQk9OwzZi7Otxqnw==
main~493df0b3.7d8b6029.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
7 KB
3 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/main~493df0b3.7d8b6029.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ba1b5ba457e3244bfc1b5e32428086b59e9738588b18a6620b9b437b31e48211
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
Origin
https://rc-animation-feature.js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:45 GMT
server
nginx
etag
W/"d67b9f21a56510a527a7f7537b00473f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
200.JHkqTsHSZ1b30fNFwjacL9XvUr9i
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
CdQhHUjq83abd-nLfUa-Jza7HtnoiFg9IxcBgaRCj87vCszd3-jRvQ==
runtime~main.d8e34284.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
6 KB
3 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
56fb318d507b410407f0dd2ca73008a6be177111b64e3980fd845870d392756b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin
https://rc-animation-feature.js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 21:04:12 GMT
server
nginx
etag
W/"6a378099d695e018c52e103c6bef3506"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
NqbipGbj6ABaLzielWSrKtKayfSJGdA5
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
pyY-XHXfq-jF14gX1fravfTH61EqSsNHPgg-WDbXUy4nyoaUOtXYEQ==
8.611ead2e.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
35 KB
13 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/8.611ead2e.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin
https://rc-animation-feature.js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:44 GMT
server
nginx
etag
W/"6aa29962f34a8e117268142c7cc1cc3d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
6f1FIohAqUAI6bGJMaZ6XE7Cqe0BewlM
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
GiGP2J4I7tAnf7-96RcFz42E_l8mpJytNrnw_YRC8z-MODuFxopWpw==
main~493df0b3.7d8b6029.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
7 KB
3 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/main~493df0b3.7d8b6029.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ba1b5ba457e3244bfc1b5e32428086b59e9738588b18a6620b9b437b31e48211
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin
https://rc-animation-feature.js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:45 GMT
server
nginx
etag
W/"d67b9f21a56510a527a7f7537b00473f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
200.JHkqTsHSZ1b30fNFwjacL9XvUr9i
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
MPBOsZsowcxTrKULUoyQ44wvJHm5MLqjZA8PEjZG1dN3P0FoZwRq2g==
48.36272856.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
47 KB
14 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/48.36272856.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
a77bb1b8bfef4a56cbbb32a3f0db155355f7259e1505797dcce1c128be3a97a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"11fc6ce0a6034588f5e23638e2b6c3f2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
c4icDGyhc7VrnKV.JFlnNLrNuIO4vUvb
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
aZdm0ikGxu8A6rwSrU3_VIMqSC9j-CobXTCEBlT7tOXwmXlBjS5l2g==
22.fd21eb42.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
44 KB
13 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/22.fd21eb42.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"cbf1bca421271b2567e00a478296192b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
mHefu_2o.RoImpkGlzfx_Ujb1.YOC3_3
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
LMP17axpjJp1Mdd9Cp-CHFbMg7-Rh4_tXiktgxvyY7f3h1f2f9JLzA==
18.40ab7295.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
16 KB
5 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/18.40ab7295.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
597514d432ff2059b3e477385c44fb38d44c73f5d640eebe645cf3b340bcff56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"fafe5f62fc3aec49b7966fa154962db8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
iPirZmbxIq4Y3kOi6wY2QUkdbM3YATlW
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
2AvcacXzr34tQ_tXT38AGT2uHPX1_VOujHRmiO88wq3q3dEwW5c1mQ==
39.0cc86423.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
25 KB
8 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/39.0cc86423.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
zlH777EgdQ8j4.cqdjfg_YaRJVWYQP1x
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9WuIG7nCcSy-jFrLhvnkrxxkYsSPJXQcFm3PYdmIsCat3hCkR90rng==
20.8c21ea18.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
74 KB
23 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"6d77a76055d81227033363af2f18caf8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
oQY6IAikEO8RYVSKef27j2LnfjYueRtL
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
4KzjqnFdPVProygfWMD3CbSsNKL_AZwvtK22jucf2FmZxbuCAMFVTw==
25.8f107198.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
59 KB
19 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/25.8f107198.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"e2511c69e5bdc03467952abaccdb5383"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
NMEAVTDNCVgNd736nbmKsWY156pQTmNO
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
UzniB5VztOqBwHlpcOFJbA_jr-L4uwHUHbXdtfzc-YMR43-zH4YbkQ==
13.3e86f1f6.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
91 KB
28 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:42 GMT
server
nginx
etag
W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
p5Gk8z26fGZ568oge0HMXIapaO2BeMnV
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
lKDtgMe884aN3Dyy53FcgL43_r25CIftGJuDxbcHNURW_fAmBKPSyg==
11.639238ba.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
23 KB
7 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/11.639238ba.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:42 GMT
server
nginx
etag
W/"4049f38c00add1738dc4806148ff8829"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
glJo8KQrGthhqDZxAJKhLwd4QUBTJS6x
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
bwe5taq3e22g3W6kn912UUCuoEkUdKLD_RP-wPDPEMuMKUZ0HsBl0A==
16.fde6fa28.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
62 KB
20 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/16.fde6fa28.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:42 GMT
server
nginx
etag
W/"90795af8c950a50300cf801b300db7ab"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Uj9ItSc6JnnFZiXP9kggCCKjJK7jplxD
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
tB1PJ_Qrfq5F-UO7oFSA06eknuSsKudo-CJHWcuI-qjiAutzBTJXTg==
46.c9d569f4.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
105 KB
34 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/46.c9d569f4.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
79d8bfb0ff06d8516e46d4457bd951ed893d2deed31ab348227e06c91a5a35cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"60ea9f8ff45a51f96f67728ef12e7e79"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Ukak3qH2CyQUvyfiyKoL5VgN_JVkUKML
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
gBo8jsbkpinDbTedsgnnAuN-UOwtWRdPa-5D1XccQS1B9Oq8dHov9Q==
37.9da17c94.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
12 KB
4 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/37.9da17c94.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"e5c98ad7a7e70a1957477e33db39149c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
ddqnJzK5Hj1znzr8X0ZPyLB0AscFF1jj
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
C8kjeb5UAOXRA1WOfieKQC-Aw7x1yTU3cHyTQl48zYJtZ9GuZzYLSw==
28.190877b8.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
13 KB
5 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/28.190877b8.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
eR_1IZo2ss8Y3XVh.LfDV4w8JXqnUj6c
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
MjDxA7SY0TR2unAZxscqsFHEjv5jlCUmj7QLfjCsYEbiZ8QdghR_XA==
21.b8c41db9.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
17 KB
7 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/21.b8c41db9.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"65e5c965272e021ae33ff8bc39565ef5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
tRAmO95E5pfnpA2ORxvB_j709qDGTyRg
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
pNxKBNbGWq8VuDoQE_JGr3dp_sj4VLEb8FB8AjkT3LqCT0aCjinrxw==
9.169d3073.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame AB2E
14 KB
3 KB
Stylesheet
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/css/9.169d3073.chunk.css
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
8aafa41dda6af82cd7b77cf06c811c75134776cb26749a3732896e3a84466ef9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:40 GMT
server
nginx
etag
W/"b35f8e1e1998cfcf5160bc69e61be733"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
FUEb0uaj4QPRy0TnAWf2weH82U10vudV
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
k-izpcNwfE1wU0sOOWptA2wBEAHcUc8amTV2aTcIjcMWPBW9eQ9NJA==
9.4e9a6912.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
75 KB
23 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/9.4e9a6912.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
acb2d97133599536a5bbcacd83fccb5e991fa1724cb35344f526bb8445554e9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 21:04:10 GMT
server
nginx
etag
W/"1583eb6b96fc71c5f3e5fe4b18d55653"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
MMkDWFVJ3r5urAC5RWnxS3iyLZdWunFL
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
LEGnyEJZ1an6vcKgpylZKvPqJloLoghwgWQV02qY5u29pq-QWHV_lw==
17.22abfce0.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame AB2E
24 B
667 B
Stylesheet
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/css/17.22abfce0.chunk.css
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
24
last-modified
Thu, 15 Sep 2022 16:12:40 GMT
server
nginx
etag
"0c5dad92482d9a7c7c253510f5082465"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
0eRC_cbDJEkMqTY4kZnBn6nzNKrBtKSq
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ihZS4dmobP6EdlRXcyMw6UbI0efG90K5oBZlObyQ6W89GuiQO8XKVw==
17.476e9aab.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
79 KB
20 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/17.476e9aab.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
110888133169b905b9985af5647fcbbbda2f6f715533fb1a0c62e88ff9390a46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 21:04:08 GMT
server
nginx
etag
W/"b173e0f836b953dbfe3cc5b6f7998e32"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Makaq_gpS4VURm2Y6rXMU_s75TU7K9hM
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
1BMKSxecwZ-NWxOr01qogvHGD71etRNiLAKcUuLp3l0R-UEjPIwgdg==
24.05a5d00e.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
48 KB
13 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/24.05a5d00e.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
6fe7d12500b1182b55e280b2957d45dec850fd112a92e3a538cc7034516ae3c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 21:04:09 GMT
server
nginx
etag
W/"7c902daaa997b011f1e41f08418f4919"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
h6KX_In.TbaHrRtSbm9Wg.dZqwEU2m2T
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
tOailm-ra57suSyQypbNMIjpFU1Y1phoOQnzy8rKIZtxyi3FAoLKcA==
15.c7403a77.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
40 KB
13 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/15.c7403a77.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ef06bd523c398b2ce6c4461e314932819f94a8d17a36480a3fa658429a068774
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 21:04:08 GMT
server
nginx
etag
W/"9fb8c393c69ee24f7ce7d62df0e4afdb"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Aji_ExLXaz80qLYFKP4W1NUTlVaiVbgs
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
U68MdtNHYgKupWhBV6yWm-UCQQENFjcItw7s-TuD5TOh_ynf2WWI6g==
48.36272856.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
47 KB
14 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/48.36272856.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
a77bb1b8bfef4a56cbbb32a3f0db155355f7259e1505797dcce1c128be3a97a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"11fc6ce0a6034588f5e23638e2b6c3f2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
c4icDGyhc7VrnKV.JFlnNLrNuIO4vUvb
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Rw9rZHmMsa-oEbtHtRJFbSEdvhq8orSrFxAntzXSQiyekFdgi85VqA==
22.fd21eb42.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
44 KB
13 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/22.fd21eb42.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"cbf1bca421271b2567e00a478296192b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
mHefu_2o.RoImpkGlzfx_Ujb1.YOC3_3
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
jEKprBrYYL9jnLV6Mux7Z9PUnuAOzmN5boYozkvNq8egbXmdGNdOKA==
18.40ab7295.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
16 KB
5 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/18.40ab7295.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
597514d432ff2059b3e477385c44fb38d44c73f5d640eebe645cf3b340bcff56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"fafe5f62fc3aec49b7966fa154962db8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
iPirZmbxIq4Y3kOi6wY2QUkdbM3YATlW
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
kSC3wCX3UREFuTMZ7FP0UqOCJlt_fehsAOda1RL-4wGLhDWAVLi0Mg==
39.0cc86423.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
25 KB
8 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/39.0cc86423.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
zlH777EgdQ8j4.cqdjfg_YaRJVWYQP1x
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
d2nQLa-3WfvevpErUHDjPO_AbPe9s4abQD2hhQ3S18alTCNXzBJDog==
20.8c21ea18.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
74 KB
23 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"6d77a76055d81227033363af2f18caf8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
oQY6IAikEO8RYVSKef27j2LnfjYueRtL
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
t1b9a9_rS3as-yIAEM-dwfuUX7b12cIC4JonSeyuNG5ByPlcFwBWsw==
25.8f107198.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
59 KB
19 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/25.8f107198.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"e2511c69e5bdc03467952abaccdb5383"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
NMEAVTDNCVgNd736nbmKsWY156pQTmNO
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
_H0zM66DLf21d_cjctqsym9JBfZu4sigi0-_pLBwVkCYvYuIzh9Dnw==
13.3e86f1f6.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
91 KB
28 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:42 GMT
server
nginx
etag
W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
p5Gk8z26fGZ568oge0HMXIapaO2BeMnV
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
SGEOJ2m-MsYf4HU4sjRfbVd-hl6_i8N6zI6_b041fTlZUFmygevYDg==
11.639238ba.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
23 KB
7 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/11.639238ba.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:42 GMT
server
nginx
etag
W/"4049f38c00add1738dc4806148ff8829"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
glJo8KQrGthhqDZxAJKhLwd4QUBTJS6x
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
f3pd4FqEr-H7ahsHrJsdA5i6kc7rg1hbt1VrTCbK_zBmyzfRyMtKLw==
16.fde6fa28.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
62 KB
19 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/16.fde6fa28.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:42 GMT
server
nginx
etag
W/"90795af8c950a50300cf801b300db7ab"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Uj9ItSc6JnnFZiXP9kggCCKjJK7jplxD
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
XHspzZj-jMrHFZelyLJt_OlkoYequPNx4NtwUya-7jCfiNFN_AgjYQ==
46.c9d569f4.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
105 KB
34 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/46.c9d569f4.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
79d8bfb0ff06d8516e46d4457bd951ed893d2deed31ab348227e06c91a5a35cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"60ea9f8ff45a51f96f67728ef12e7e79"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Ukak3qH2CyQUvyfiyKoL5VgN_JVkUKML
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
q2ihRHAm8V5fFcRYFibYmRtLYyL8f_E4KDAbemiPt2JZKfo0-Laigg==
37.9da17c94.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
12 KB
4 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/37.9da17c94.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"e5c98ad7a7e70a1957477e33db39149c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
ddqnJzK5Hj1znzr8X0ZPyLB0AscFF1jj
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
bcY3nDQ_UcOe6IqRwHRLpQF8Nskl5qJLq2Y_HIFovVbOmxY2oJuxww==
28.190877b8.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
13 KB
5 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/28.190877b8.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
eR_1IZo2ss8Y3XVh.LfDV4w8JXqnUj6c
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
fhxA8YlueVs1zCnfvhwTEeHjuEQPYyE-QpzdI9wGdyMFI0NJwPreHw==
21.b8c41db9.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
17 KB
7 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/21.b8c41db9.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"65e5c965272e021ae33ff8bc39565ef5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
tRAmO95E5pfnpA2ORxvB_j709qDGTyRg
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
klu2AR49LH-lL7Sj021l_eij8yC_6Fcqf-SH6n0ij9r9gt0XdThfCQ==
9.169d3073.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame D5EB
14 KB
3 KB
Stylesheet
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/css/9.169d3073.chunk.css
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
8aafa41dda6af82cd7b77cf06c811c75134776cb26749a3732896e3a84466ef9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:40 GMT
server
nginx
etag
W/"b35f8e1e1998cfcf5160bc69e61be733"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
FUEb0uaj4QPRy0TnAWf2weH82U10vudV
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
d0ct5ZeLqxu9OubHnbbtZ3s5TnmDZ7AiVPHf4j8khXRaqYJa0ElhIw==
9.4e9a6912.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
75 KB
23 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/9.4e9a6912.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
acb2d97133599536a5bbcacd83fccb5e991fa1724cb35344f526bb8445554e9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 21:04:10 GMT
server
nginx
etag
W/"1583eb6b96fc71c5f3e5fe4b18d55653"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
MMkDWFVJ3r5urAC5RWnxS3iyLZdWunFL
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
MJawRQkEb4AJDtJXF7hnQBhFw9zmmL5zW2XYQmagMWsjjz_6yQgDPg==
17.22abfce0.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame D5EB
24 B
668 B
Stylesheet
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/css/17.22abfce0.chunk.css
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
24
last-modified
Thu, 15 Sep 2022 16:12:40 GMT
server
nginx
etag
"0c5dad92482d9a7c7c253510f5082465"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
0eRC_cbDJEkMqTY4kZnBn6nzNKrBtKSq
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
7JaZNDvA2lc9bYJUEgRxI6Yeh8VbBSGMgVwvxN5wEV9epNU6YDnk6A==
17.476e9aab.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
79 KB
20 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/17.476e9aab.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
110888133169b905b9985af5647fcbbbda2f6f715533fb1a0c62e88ff9390a46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 21:04:08 GMT
server
nginx
etag
W/"b173e0f836b953dbfe3cc5b6f7998e32"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Makaq_gpS4VURm2Y6rXMU_s75TU7K9hM
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
euD1jGWfzlR6DuyXWLFgeqN9A9DcR3c0rgW5cCa5FvWozz_0F9cNng==
24.05a5d00e.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
48 KB
13 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/24.05a5d00e.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
6fe7d12500b1182b55e280b2957d45dec850fd112a92e3a538cc7034516ae3c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 21:04:09 GMT
server
nginx
etag
W/"7c902daaa997b011f1e41f08418f4919"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
h6KX_In.TbaHrRtSbm9Wg.dZqwEU2m2T
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Bl1ig5K2xgNMKmrDDFCCGXOcKiX6DcCAqMllNKNiBIA4Ltlr2q4uYA==
15.c7403a77.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
40 KB
13 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/15.c7403a77.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ef06bd523c398b2ce6c4461e314932819f94a8d17a36480a3fa658429a068774
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:20 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 21:04:08 GMT
server
nginx
etag
W/"9fb8c393c69ee24f7ce7d62df0e4afdb"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Aji_ExLXaz80qLYFKP4W1NUTlVaiVbgs
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
rMm8UXfxtyP0srzmZrbTLNpcirspRFnyKX8P2lGxni9y7ngQzRJEKA==
img.gif
b.6sc.co/v1/beacon/
43 B
492 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=c860ec22-655b-46f5-82e7-e2cf5f8abdff&session=a967fa02-3538-4bf8-8f8d-fb1c87be318e&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2016%20Sep%202022%2005%3A00%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2016%20Sep%202022%2005%3A00%3A19%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222015%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20the%20Armorblox%20threat%20research%20team%20outlines%20five%20targeted%20phishing%20campaigns%20that%20weaponize%20various%20Google%20services%20during%20their%20attack%20flow.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&pageViewId=78d288c8-caad-467a-8066-45a5b0cd797a&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
34.11d2b6a7.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame AB2E
3 KB
1 KB
Stylesheet
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:40 GMT
server
nginx
etag
W/"87532c4db85f1429fa6d759bc3332f36"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
kbgnOworSKKfGkPbbjvYmbz9E8vNDxdp
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Ro7G0skNc2LXKxsbnVHeaMDhIJTrC7HxrEQ0PPYp8Yk5pCGK9Ehz5Q==
34.07340d2f.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
3 KB
2 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/34.07340d2f.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"f732dfb3db72f996e1f4bc0225629a20"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
miFGWRHw7O8GjuWN3cBDO_JQd6JaUJ7C
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
dyLn-qAhCdYUqA6J_NqhbM2K7z8I_ov7-QwK3Piub1oUKfsH2soUQg==
0.0b2ebd4a.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
9 KB
3 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:41 GMT
server
nginx
etag
W/"c5efcdc9e465604f32cf24af10fd6c13"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
0vn5FMppygFTKvJSS2yRAw_jBOlSTERt
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
U1Z83qKbZROA1KAtlomfOF9IwegA5sNOOizWgPvqGAFEq7JVnJY87A==
26.2d4cdbd1.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
34 KB
10 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/26.2d4cdbd1.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
71e905aff9bad1d3b5a783336fcdd013cc97beb8985e4cd2cf7d195925a48211
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"c55d27c90bd5affbf7c7047151ac3b6a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
h1f0AitghHM3x.0ybX2S506u93PmIYAR
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
LKe8_o6iHCrWeWdexHrhcaIrrcKFqe4QgwHaTk70dNofwmuNUsP1cw==
27.9bf46b67.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame D5EB
8 KB
2 KB
Stylesheet
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/css/27.9bf46b67.chunk.css
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:40 GMT
server
nginx
etag
W/"4f21faf2ba450e5fcdf7eda90813e185"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
AuL5Jl8_nzj2xaNNg_Dud6WcaIWqbzfu
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
rpqJQdJadKCInmIFHTII84uxT2n6iCn0Gw0i6b2HpLWGVEjoB5y8vQ==
27.da34d730.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
15 KB
6 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/27.da34d730.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
1cc6a48f644462f4735b7a259785e44eea1a53b6a429c74693ef475535c10d7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 21:04:09 GMT
server
nginx
etag
W/"46985c2ac15d55e93878f9a279658a9b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
T_8zB8fkNHNpuiFbLa3o6egd.3lD3VlK
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
aCQHNpf9N6ytts_BqMH4xQ7nSFT_nUrlLT3gB84hdJKoNowuUYk-CA==
19.c695453b.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame D5EB
365 B
1009 B
Stylesheet
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/css/19.c695453b.chunk.css
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
365
last-modified
Thu, 15 Sep 2022 16:12:40 GMT
server
nginx
etag
"06b2963b029c0824382815165bfea73e"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
EMS1Sxl6bXGuxURlvDg0b9JnMGo4RSdT
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
0zAr6KbwfIYuFGPjU2w6fwysxnWhx6ylXd_cGo6BPZq9dNsFITXUUQ==
19.9fb02756.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame D5EB
88 KB
25 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/19.9fb02756.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
8c046caaaa9685e9a752b2c7d26b145598a30bb98c86bd6936ae0860b7eaa9c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core?embedId=ikk2zzg7t3aw&region=US&forceShow=false&skipCampaigns=false&sessionId=15a2c483-ea36-4a77-9cfe-432806a910a4&sessionStarted=1663304420.087&campaignRefreshToken=28615a8d-e944-4d41-a97a-cb9740b7f638&hideController=false&pageLoadStartTime=1663304417551&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 21:04:08 GMT
server
nginx
etag
W/"fdebd50a6fda76541dafbd23c5989673"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
P3R0.eclLQSH4ker.fvNiwdEQ1YR6gWU
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
QkFttJcF2BobX62MeEsNppEe7Pttl_6dIZ8qehGomx-FP_DdLj2OmQ==
0.0b2ebd4a.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
9 KB
3 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:41 GMT
server
nginx
etag
W/"c5efcdc9e465604f32cf24af10fd6c13"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
0vn5FMppygFTKvJSS2yRAw_jBOlSTERt
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
a5M48SDIwafnlTwngl2UJDNqkp6c6_HbTw8wbIT6uKEmAKoMiTm3Jw==
3.07aa08a5.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame AB2E
7 KB
2 KB
Stylesheet
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/css/3.07aa08a5.chunk.css
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:40 GMT
server
nginx
etag
W/"189aeffd571884559dababa22c66d75a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
0zCgenVHc.qa7lfYuPYm59q6auxC3HTe
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
nDxWE53TsCFXzCZ1_zIZmCroxGG25SJN25gR6SjGf3EPDt4G2Xuivg==
3.f50b964b.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
54 KB
15 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/3.f50b964b.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:43 GMT
server
nginx
etag
W/"1ac37bf2b93050f29058b66a9ad43e10"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
yaBP6BBDcA4_yp_Oy0SBh5d1UgTEYfDv
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
FDIu5AvIR-wzmI4VP6FvHrkgQXgU2TfbSJSlj2RPrtI3aOhyDSYaxA==
1.a51daee8.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame AB2E
43 KB
7 KB
Stylesheet
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/css/1.a51daee8.chunk.css
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
79b11c988e0926dcb77087f3c39a3c72f7226421b7992fa1aecbf89634906a48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:40 GMT
server
nginx
etag
W/"2f8b87e824e4cc9983e43d6c7156ae79"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
6d8PAB38rDVh.qzZLJwSAhk6ItbooznT
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
hCd09S94M-ydvEd7QL4qgdel9Bh06imHq2kEeIaKhlsETS1bqHWI8A==
1.04a9dcea.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
73 KB
25 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/1.04a9dcea.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
a19f7d373e0ca741a7e91bbb2e361a16e131ba3ad9482b0690d75bfac9463f7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 13 Sep 2022 21:04:07 GMT
server
nginx
etag
W/"0c3efd46a135f85a5f588cb042dbf5e5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
W9JyY1N6T0SfQngqvUrKtlBS3dts0P7d
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
FpuODpXOB4SGZrQIKtF4Bi0vYD7xcRvVu8eiyovLXn4syNRa_4mqbA==
32.a39c83a8.chunk.css
rc-animation-feature.js.driftt.com/core/assets/css/ Frame AB2E
14 KB
3 KB
Stylesheet
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/css/32.a39c83a8.chunk.css
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
8c83e8a58f1d0c88d1574a24d528a31d7804cdd0741235010bf4ce5ffd30b878
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 16:12:40 GMT
server
nginx
etag
W/"a5e166130ff052851935f17711177b8c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
YusO4yUEPAnMJBQnngLN.RBJFbNYcMoW
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
G40a7R6N30fRukE_obNf9yJ49ieFk0XF00g7AGl6QKhLdxTMmLGp2A==
32.a2b7c4c5.chunk.js
rc-animation-feature.js.driftt.com/core/assets/js/ Frame AB2E
12 KB
5 KB
Script
General
Full URL
https://rc-animation-feature.js.driftt.com/core/assets/js/32.a2b7c4c5.chunk.js
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/runtime~main.d8e34284.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-90.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
08180fe4782eb8a2703e219199e24d517b5a53544a9927aa56d65abe51d7b131
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rc-animation-feature.js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1663304417551
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 14 Sep 2022 18:12:24 GMT
server
nginx
etag
W/"0556ad2949a758efdcc1debd3a59f9cc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Oi8_qmktBlzygQE2aZshuaFltw01i0ao
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9d5y9T52-H9mQ7gAyirpvUDhoFABMnrMJtbw4CC-RT1vLegOO15Xvw==
v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame D5EB
25 B
123 B
XHR
General
Full URL
https://metrics.api.drift.com/monitoring/metrics/widget/init/v2
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/48.36272856.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-21-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://rc-animation-feature.js.driftt.com/
Authorization
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
server
istio-envoy
requestid
5f2630b8626e0850
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-max-age
1209600
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
25
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame
0
0
Preflight
General
Full URL
https://metrics.api.drift.com/monitoring/metrics/widget/init/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-21-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://rc-animation-feature.js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Fri, 16 Sep 2022 05:00:21 GMT
requestid
driftbfe7d074a519d5c8219a63532e7
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
ping
bootstrap.api.drift.com/widget_bootstrap/ Frame D5EB
147 B
245 B
XHR
General
Full URL
https://bootstrap.api.drift.com/widget_bootstrap/ping
Requested by
Host: rc-animation-feature.js.driftt.com
URL: https://rc-animation-feature.js.driftt.com/core/assets/js/48.36272856.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-7-188.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
fecc6547c58a32e5cb5cb4f7c675420c1bfaf7a1058e1da5736084578fda80b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://rc-animation-feature.js.driftt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Sep 2022 05:00:21 GMT
server
istio-envoy
requestid
44b19f61735a038c
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-max-age
1209600
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
147
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
ping
bootstrap.api.drift.com/widget_bootstrap/ Frame
0
0
Preflight
General
Full URL
https://bootstrap.api.drift.com/widget_bootstrap/ping
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-7-188.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://rc-animation-feature.js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Fri, 16 Sep 2022 05:00:21 GMT
requestid
drift3e50c2a40d88e4fcd0d27f4b050
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
img.gif
b.6sc.co/v1/beacon/
43 B
493 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=c860ec22-655b-46f5-82e7-e2cf5f8abdff&session=a967fa02-3538-4bf8-8f8d-fb1c87be318e&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2016%20Sep%202022%2005%3A00%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2016%20Sep%202022%2005%3A00%3A20%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223016%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20the%20Armorblox%20threat%20research%20team%20outlines%20five%20targeted%20phishing%20campaigns%20that%20weaponize%20various%20Google%20services%20during%20their%20attack%20flow.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&pageViewId=78d288c8-caad-467a-8066-45a5b0cd797a&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:22 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
492 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=c860ec22-655b-46f5-82e7-e2cf5f8abdff&session=a967fa02-3538-4bf8-8f8d-fb1c87be318e&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2016%20Sep%202022%2005%3A00%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2016%20Sep%202022%2005%3A00%3A21%20GMT%22%2C%22timeSpent%22%3A%221006%22%2C%22totalTimeSpent%22%3A%224022%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20the%20Armorblox%20threat%20research%20team%20outlines%20five%20targeted%20phishing%20campaigns%20that%20weaponize%20various%20Google%20services%20during%20their%20attack%20flow.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&pageViewId=78d288c8-caad-467a-8066-45a5b0cd797a&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:23 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
492 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=4b4861a6f311e4af4f9089d69467642d&svisitor=null&visitor=c860ec22-655b-46f5-82e7-e2cf5f8abdff&session=a967fa02-3538-4bf8-8f8d-fb1c87be318e&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2016%20Sep%202022%2005%3A00%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2016%20Sep%202022%2005%3A00%3A22%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225023%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%2C%20the%20Armorblox%20threat%20research%20team%20outlines%20five%20targeted%20phishing%20campaigns%20that%20weaponize%20various%20Google%20services%20during%20their%20attack%20flow.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22OK%20Google%2C%20Build%20Me%20a%20Phishing%20Campaign%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.armorblox.com%2Fblog%2Fok-google-build-me-a-phishing-campaign%2F&pageViewId=78d288c8-caad-467a-8066-45a5b0cd797a&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.armorblox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:00:24 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame D5EB
0
0

bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame
0
0
Preflight
General
Full URL
https://metrics.api.drift.com/monitoring/metrics/event2/bulk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-21-139.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://rc-animation-feature.js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Fri, 16 Sep 2022 05:00:24 GMT
requestid
drifta062f9a42bf9b435774356203a3
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
metrics.api.drift.com
URL
https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| OneTrustStub object| dataLayer object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id string| GoogleAnalyticsObject function| ga function| drift undefined| driftt function| lintrk boolean| _already_called_lintrk object| google_optimize function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData string| pagePath object| ___chunkMapping object| webpackJsonp object| regeneratorRuntime object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate boolean| armorFirstLoad boolean| notouch object| scCGSHMRCache boolean| _pdfjsCompatibilityChecked object| core function| setImmediate function| clearImmediate function| onYouTubeIframeAPIReady function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin string| ___webpackCompilationHash object| Bizible object| BizTrackingA object| BizA object| _vis_opt_queue object| LC_API object| Metadata object| 3eiXJRXgVuLsYGH9303q object| _driftFrames object| __post_robot_10_0_16__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked object| MunchkinTracker function| process6senseData object| _6si function| fbq function| _fbq object| _analyze object| _analyze_domains object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| MktoForms2 object| ziws boolean| _storagePopulated object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| _initClickagy object| _global object| _cookie object| _tracking object| _form object| Analyze object| _paq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| addCaptchaScript object| jQuery112409829201671840764 object| drift_event_listeners string| drift_display_mode string| drift_campaign_refresh number| drift_page_view_started number| drift_session_started string| drift_session_id boolean| analyzeInitiated

36 Cookies

Domain/Path Name / Value
.armorblox.com/ Name: _gcl_au
Value: 1.1.1957819327.1663304418
.armorblox.com/ Name: _ga
Value: GA1.2.1680615704.1663304418
.armorblox.com/ Name: _gid
Value: GA1.2.449975977.1663304418
.armorblox.com/ Name: _dc_gtm_UA-103936869-1
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQK7ROh8_7JzyQAAAYNEq0ReAlCbAzAt8UElkEg7taNgl-ry2OOldCp5Sb4FvmcYcI64Ki32NsMe3Q
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKu4HIzz1ob-AAAAYNEq0ReQocwBo_qjGjkwaq7zAljeAzM9bLRZwoLHUo4vyB6-slmImpGkLRRh_A_6ofFSA
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c4b45016-c4cc-4e4b-87d0-47f0689376aa"
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2404:u=1:x=1:i=1663304418:t=1663390818:v=2:sig=AQHTRH8udPMd0Zq0LZB_B3f1ZvowwyQ6"
.armorblox.com/ Name: _biz_uid
Value: dfa33913b178491391cfcfd6e2bcf80c
.armorblox.com/ Name: _biz_sid
Value: 32fde0
.armorblox.com/ Name: _biz_nA
Value: 1
.bizible.com/ Name: _BUID
Value: dfa33913b178491391cfcfd6e2bcf80c
.bidr.io/ Name: bito
Value: AAE-6E7GSAYAAA_3hoixPQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.bizibly.com/ Name: _BUID
Value: 7dd2a0204e2235dd8c1c32ffd7995f36
.armorblox.com/ Name: _mkto_trk
Value: id:176-XMJ-030&token:_mch-armorblox.com-1663304418613-47299
.armorblox.com/ Name: _biz_pendingA
Value: %5B%5D
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202209160500188864f462-91e0-4eef-86f2-9f3bb683c237AQHEzKgptrIAeYHq4bh51ku84C_yVvnc"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjMzMDQ0MTg7MjswMjFV4QUXTHNEd1z+/rkRBC1fiisVPLPIUFhkP46SMAQV7A==
.youtube.com/ Name: YSC
Value: EOfJpoNhqR0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: iwnMfjtWkdc
.armorblox.com/ Name: _biz_flagsA
Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.app-sj27.marketo.com/ Name: __cf_bm
Value: 6CSF1yBCd6BOOE5jzlhg8.bguijsIEDapZuxdzwRzxY-1663304418-0-AcsfQzZrxX/GVqYzaybHI6Z9/bzb6UgmxmV1ZVVUc+Ya/X028FGRiNJiYsV/DMfYQIwoUyLjIr7CWL0OVwvrfHc=
.doubleclick.net/ Name: IDE
Value: AHWqTUnEEsCDJDKgiAmzi6CcjjkrIrXWaRxiA06TDXTpBvnWFJZs4_uU-y5casn-
.ws.zoominfo.com/ Name: visitorId
Value: 905724c0b470df9197c7e24f10408748f16df9fc8eaf4e931935317eb85e2b04
.zoominfo.com/ Name: __cf_bm
Value: C0YSy7KApygYzkxCyxjxXmThMRfi0krEYI3eY8.uijY-1663304418-0-AT41GWhOepkcnqlkg+u1yqgRR99XX/otyQ67GlOdF9twRs3RiaS2RUyh3hfW31OlHZxDkblYwtwmfr92dTUcp5M=
www.armorblox.com/ Name: _an_uid
Value: 0
www.armorblox.com/ Name: _gd_visitor
Value: c860ec22-655b-46f5-82e7-e2cf5f8abdff
www.armorblox.com/ Name: _gd_session
Value: a967fa02-3538-4bf8-8f8d-fb1c87be318e
.armorblox.com/ Name: _fbp
Value: fb.1.1663304419144.718159326
.6sc.co/ Name: 6suuid
Value: 64bb10024a540000e3022463af000000eaa80800
www.armorblox.com/ Name: drift_campaign_refresh
Value: 28615a8d-e944-4d41-a97a-cb9740b7f638
www.armorblox.com/ Name: _pk_id.317.04e9
Value: ef6ac38a7cbdace2.1663304420.
www.armorblox.com/ Name: _pk_ses.317.04e9
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://cdn.cookielaw.org/consent/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990/7f7cd6ac-ebaf-475e-ab1e-e0e05d364990.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lh5.googleusercontent.com/WKuTtLhVNw_ibTCgOhyfnAsYG57ZWVjM80VHOjGmv0jvSbxE0CeK6VMUR7tEBHZIVefI1DOuUkT4DG1BhKYJs9hdrycat0j2BaYkQTmMU5W8h7SQTinKUm9d-5WyY7I9DHTIydJb
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://id.rlcdn.com/711861.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

176-xmj-030.mktoresp.com
analytics.humanautomation.ai
aorta.clickagy.com
api.storyblok.com
app-sj27.marketo.com
assets.armorblox.com
b.6sc.co
bootstrap.api.drift.com
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
cm.g.doubleclick.net
connect.facebook.net
epsilon.6sense.com
googleads.g.doubleclick.net
hemsync.clickagy.com
id.rlcdn.com
insight.adsrvr.org
j.6sc.co
js.driftt.com
lh5.googleusercontent.com
metadata-static-files.sfo2.cdn.digitaloceanspaces.com
metrics.api.drift.com
munchkin.marketo.net
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
rc-animation-feature.js.driftt.com
secure.adnxs.com
segment.prod.bidr.io
snap.licdn.com
stats.g.doubleclick.net
tags.clickagy.com
us-u.openx.net
use.typekit.net
ws.zoominfo.com
www.armorblox.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.youtube.com
metrics.api.drift.com
104.111.233.140
104.16.93.80
104.96.148.88
13.107.42.14
13.32.121.107
142.250.186.98
152.195.15.58
172.217.23.98
18.214.79.220
18.66.147.90
18.66.15.64
184.73.246.234
185.89.210.82
192.28.147.68
205.185.216.10
2600:9000:2250:a000:f:71f1:7280:93a1
2606:4700::6810:9540
2606:4700::6810:a852
2606:4700::6812:1ecd
2620:1ec:21::14
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:813::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a02:26f0:11a::6867:4851
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:14a0
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a05:d014:275:cb00:c26c:5b6d:e2c8:e5a
3.33.220.150
34.98.64.218
35.244.174.68
50.16.7.188
52.30.214.212
52.58.117.7
54.147.21.139
54.162.244.84
00c607128729be1872e72d7fe7ffc30555fbef9145d5606129f2bde384180fe3
02d4adff4fd8e99ac15f17a549dee5c6edd0af25cdb48e20ef5f6ae28bd3d782
03998ea27760c02bcbd4e6d8c15fefa7f660941c26d05ee457320ed0d0337e83
03f8a6e311621073ef87440db078abf904e8b830e51fa2a39188ce5915531e68
04f9098825e7c5644552ed96fd1e01bba9bd0c074784d085108ffcc889c06f56
08180fe4782eb8a2703e219199e24d517b5a53544a9927aa56d65abe51d7b131
0f59d5c868e402889413977cbaee2081200530156aecda98613919f160268d0f
10318c5fd4eaf7f569ad17546ef3fe4a2c2497142591bf3927ef713572784907
108c7a90124577dd7e309c7bbc98c844814f32e57911ee670d76505a1dac6808
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
110888133169b905b9985af5647fcbbbda2f6f715533fb1a0c62e88ff9390a46
132e0a9dd6275c5353db596f5fec132a5120ff9ad39ab3d27eb4e7ad2b7f9a26
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
15d69b5673cf488a9115372ebf1c3c3410cc5f9aaf58b283ec5c450aa9eb3d0f
162e18544f336f5335835730a3d017b65749cda68d94de3efafe10d679fa72a7
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1b65327fc362f0ec64cb20e092726e717ac73312ffaa3b792c7c49b62bf3fecc
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cc6a48f644462f4735b7a259785e44eea1a53b6a429c74693ef475535c10d7b
1d974f1e1e970e41c63cb0e33398d884db88acac2ba98ec8b9a8df204fd310fc
22159a12c9283a09989be2b9bd606f76129a2b26d1ca8e0d3c0b2f57abea6f40
230cef17f8b019c9e5987e1966b3e131c21fa794a0d76b3a4a712fa849dbee58
2506da391f7bf08d8933cbf783cca162d930429b131903dfdc1bb198a60a821e
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
260c3eb2159e04ce0d647d9beb0e3f2758a82136ea5806d32ea3c50d1b2d8d3a
273b9dc19af04ac2dd618b4b6ae690c2bf7bde4715d13a48126a75b68eebaeb3
276ce26603da0a4bf9d16f692e149734aa6a26eb4e56885938cd8c5582c6d423
2b864ca3960570c7af9b02965b72c84469d288b5cfb03bc1bdcd38e9ce919b06
2bc74d8ac684c2c07dc2c4c8d3df18d6f350631954a49fb342eac5aa13dda267
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
376c16c0f5598f8c744c19291f060232fd0bfa3cd685e7bdbedb5bd1d5779c56
3c2388c446753ddc7c905f7dec0b6fe060faa20275ab3578be1d9aa6d1699ea8
3cb45867ace25baa1d6bcd56d05739fa8733cbadd9959fb33c2c038037a8742d
407e328b15c4137f16f348f1f4834686ab2fd5efbadad679ea5f5acf2fe8e7e1
4120c62c25cd2f9d7f5155aaf84f772c08e18dd1be19e39ed0d866d3916bedce
42fc1ae55974f761daff6f271095d76b4ebdd16b9c7562960ee5bea66e8ae60c
4594b7b627debade36799c6d367e2a88ca9f3021dc31bda05fbf0c7cc5a98879
46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7
46c2253a990373efcab1c600a6e1c731e5a971b0eecb0358ae53d1fbd7e16ada
47d0606aac29b8e5df0845350e3fec479cc51387efb7fef9b3c7bb181b8c7a1c
49ee992f0cfcb5a8e831090f9b7ea63b0da1d6bcb04ca84243c19eee51097c3b
4dbd2d6a9d8933cdd26df1809257010c691bdedc772dd8287e26cdd8963ccbca
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5571f1943dcc57dfed00e9e8c9bcd1588d1b9eccceb9c9472219167cdad0e933
5609cd1f7eecd11ee97aac287f6d44f91cb1c19f16d6fa11fd82acab3eb9cb75
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56fb318d507b410407f0dd2ca73008a6be177111b64e3980fd845870d392756b
5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a
597514d432ff2059b3e477385c44fb38d44c73f5d640eebe645cf3b340bcff56
5a315706be89e729db8a4bf8736335b620618d508d33b9fbf24183dd89336c8d
5ae33e57bc5a938d3f2fc4b51637e72e6355ae0eded11a1ddb3feff9efdb5765
5b0d34c83943b7b8cbe280fb0b888fc233a1b44f865767282eddd8c5264c4624
5b6f9abbe03119dc36e88acddcb8e50d8522352723c5fd5f1e6c0c3426b4ff5e
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
5d7477d20f89c10a61f2d0c92d1bf41159498bd496589e2eabd1d1eb97739ded
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e206d921645cdd77ae1c4fb411bf3d04032d350cddadeb6888dd566ae1d5095
654532dd0adc14475e5a12922f04e9a4ced280bc24f63f5b8788047d1514642a
67bc218612b8368c7a8cace136e6b8051eb748732651946a97e11f6503e4b0fa
6a8f5d3db22e41774d495f5590e386c65e45ee9d6e3019ade87e5a5f9eadf5b0
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
6fe7d12500b1182b55e280b2957d45dec850fd112a92e3a538cc7034516ae3c6
7001ada63b35c370c5c207ef8c85d0ae5bd79c826599f1d2bc36de67a6531ea9
71b0089d7c527e6a7531b790e4506f3b2705f5cbb8b3f95a5ceef1fa55cf9338
71e905aff9bad1d3b5a783336fcdd013cc97beb8985e4cd2cf7d195925a48211
78a0c246d0f89264c120505dc030b7aeb15c8290b4025c27054b7103af03f1a3
78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d
78df6e891c6153241987a2beb3ae39271274a094c36de4922cdc69a23b4811b2
79b11c988e0926dcb77087f3c39a3c72f7226421b7992fa1aecbf89634906a48
79d8bfb0ff06d8516e46d4457bd951ed893d2deed31ab348227e06c91a5a35cf
7affec8282a03eb4eb47780a46e9d8c7f2f5603cfe6be321dd064d03ac60eef3
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7dc1adaf7e84ba05d0037c1a33c1a63f6652b009a251d716b6b4ebf07e78d4b8
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
809db6c849488a111554cadd2cf358db4a820e9d908208250be6d155c2aacda2
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85309942cee52cab47e92148f4c21f15984a1e08a6ed7cbb63e275cabd3dc075
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
89bedf9a0b818f5271c43462a30b5574c4dc36f2c79838902d03f005be824c0d
8aafa41dda6af82cd7b77cf06c811c75134776cb26749a3732896e3a84466ef9
8b29ef7adac993a0cb8042dcb6705fe6e6b13ae8d3c4bf2f6579aa6ae90ae534
8c046caaaa9685e9a752b2c7d26b145598a30bb98c86bd6936ae0860b7eaa9c8
8c83e8a58f1d0c88d1574a24d528a31d7804cdd0741235010bf4ce5ffd30b878
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f27cedaf17cda78d6e31b33e5bf69837621e7f41d1aaaf2305ab154cc33064e
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
93a805e1e77c07570d61dda3ff689dcf2a205ee1452de272d4a2d17e29c352ce
96a6f491f20c119a75861a4de5dfabdfcc98a32b4710a1cff926c52a802ecedf
9a955a830fe4c3916de9ff562a0b8b315e40a862dadd9e456b3266ebb1131497
9ab17804e34a235e778a2fcad45aac8737900071ecc51aeb9b944942faddb8a7
9b05f32b262a8ddfa4c0322b0b4b376258b7996177b98d5a1e2b4585d20cba27
9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19f7d373e0ca741a7e91bbb2e361a16e131ba3ad9482b0690d75bfac9463f7a
a40b9fa9a7440c38759c2c8402474e113d3956bb08b77159a4791864d5fb3345
a58dbc67f90f6006af9638b454c3cc2d65cc7125947095587ea7c4b372b11aeb
a77bb1b8bfef4a56cbbb32a3f0db155355f7259e1505797dcce1c128be3a97a1
a88cd5d2766532b8d722540581011ad2fe22441f7ec0db584d86dea3787f2fa9
ab4f468b462952c0b24e589333f2b18cb4ff05177c3d9353d24e8f44d519d2b3
ab8f5663c6c4e7908285f4443950bde8c7f3b2c1a9161e33d900d31c5187ec97
acb2d97133599536a5bbcacd83fccb5e991fa1724cb35344f526bb8445554e9c
ad4233d382a13f75eca9f55dbce03b0cc519d92dc9f809cd39621f028071fdfc
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b3d5b4be6e7a2889c7f7b173472375ce3b2da6033948af5a4484bb7530f06552
b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861
b479d1ebea37a435984cca0dfcf6c5c98a2738de1059a4676adc02289ada0686
b509b3e0d4b915888169f22b05841e530955a3891ec9e4a306ca66d617e621ef
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b71f76186117ab510aca8eb8208815da837acdd4b29e171c9897993175c28878
b726950d58a01f4ff987fc29a610f871b1055f749185e626a4b1916f968f1bb5
b75d669453c5377eebafda19b9ae0b4583853a06a5ba817fad8174adacf7fe69
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
ba1b5ba457e3244bfc1b5e32428086b59e9738588b18a6620b9b437b31e48211
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
c15b7993391272a1163a3107e5e6596a6c175ddc8930dad30faea75f00758396
c196eda385cab60127300efb93c6ee115a48025ede63f48cdd7c7e2a93f27966
c31739e21da813ddcdaabdbb0e3df14f65e56172012ef4c16bd052ed3ad6fd4d
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
cb17ab922f4d5724f0a90ff0115610a966674e21428fa20b089f496a21cdf71d
cb8ebe7e0bd9830e60f63e57b072cee5ca24937f47519da3176809aa0b697bb3
d0b8a9530fe420d782e19330e0f0efa1063be86f3ddb516908afcd3ae653ac5f
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d3383dd19ed9aad4099c7b406339e82c23385d4d015eba91ec048bbdb8051f25
d3629679a7b8c5d0d6af84a5aca6ef0e8fb7f966b39c6a64cd584dbeef2ca5ce
d42b61b91e910fd6515346f7dd2f09542a3fd2cb080e14ea1a737c414abeb085
d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2
da5d487f1fe8c4f5bba93bab0b071aed1249cf770ffdbc0144a86a4c2bae3c2c
daa698c8bbff0f8896f590e544f06c470d03af0dc6d7ecdec4b98e5f6580df5f
dba17f1b29b3b3637d709f951023ea1655b08c6b4f40fd612c5e927ba72829fa
dc993be385b63c746e962cc42adb2ba08a67c3c5eafbd08b28014e105aa8c2d2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
df26a4efbeab7bdc6099663f5762fe2b6c6fd53230064e7503104e3a9582fc37
e046beb1e5af3b7941fe46f8a42016dfa89157e68b398da5bb61d49b6eb47bdc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e416bac21f51ef7a9aa172a4c2f761846cb36fe6ae55b6439a6db80b3ff548ad
e4a3280211b5fd200c4d4d043763886820517771353f9fef82a88c52ab5855a7
e4fca87c7981bee30d41f1a4b4b1fbeca4f477b56ebe13c3f4c32ebb95366df2
e5035c8d058e1c25449d6d4852b063de6329a8b4a73dc84f94fbb405f8967d35
e833fbc02878a06d85aa9e8378e939c676f085fbe2d7d385c85450538bfcbc92
eaf1df68503e4437806bb51d28eefe54beeebdf13684a25f2d6a9a86ee96dc32
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ef06bd523c398b2ce6c4461e314932819f94a8d17a36480a3fa658429a068774
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1890ff50be4ff79cf7cb28fed7df1839a7d430a9c31094810ec4ea8e5b2fffe
f1d2fc79d147c71aa167b407a47319b8c856948b3200705890a96b312ddf1664
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fb54ec2c7611cd695804c36982789e9595d5bd6bdfee1571e7918485eb82c4f2
fc1e1b414a41e1039d0995863c848978cead85dd93713dedde86a5f4036f046c
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe62ffc3dd7627c8b0d34b70fe45c7b14dd38c89c66cca13b2e4c71360e42e91
fecc6547c58a32e5cb5cb4f7c675420c1bfaf7a1058e1da5736084578fda80b2
ffedecaa5ea039ffbdc1cc9d651a4856e08a9f2bbd9e2a5dccefc7cd38e42226