onfido.com Open in urlscan Pro
2600:9000:2156:4e00:1e:f324:d0c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://onfido.mxelm.com/61dec9e95728f70accdb69ad/l/ioeAXtdXvCzzyASck?messageId=o5TWcIRgep9cngHJh&rn=&re=i02bj5yciRGQulGb...
Effective URL:
https://onfido.com/resources/financial-services/identity-fraud-report-2022
Submission: On February 21 via api (February 21st 2022, 8:34:10 am UTC) from SG — Scanned from DE

Summary HTTP 190 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 48 IPs in 6 countries across 40 domains to perform 190 HTTP transactions. The main IP is 2600:9000:2156:4e00:1e:f324:d0c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is onfido.com. The Cisco Umbrella rank of the primary domain is 223560.
TLS certificate: Issued by Amazon on January 11th 2022. Valid for: a year.

This is the only time onfido.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.216.226.213 3.216.226.213	14618 (AMAZON-AES) (AMAZON-AES)
1 14	2600:9000:215... 2600:9000:2156:4e00:1e:f324:d0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
41	143.204.98.47 143.204.98.47	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:215... 2600:9000:2156:3000:12:53a8:95c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
64	143.204.98.70 143.204.98.70	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::622	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	34.247.104.176 34.247.104.176	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.232.28.189 18.232.28.189	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.0.217 151.101.0.217	54113 (FASTLY) (FASTLY)
2 8	2600:9000:215... 2600:9000:2156:8e00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.211.115.8 18.211.115.8	14618 (AMAZON-AES) (AMAZON-AES)
1	34.200.182.42 34.200.182.42	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.114.109 151.101.114.109	54113 (FASTLY) (FASTLY)
3	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
13 16	54.228.17.128 54.228.17.128	16509 (AMAZON-02) (AMAZON-02)
1	151.101.64.217 151.101.64.217	54113 (FASTLY) (FASTLY)
2	34.120.202.204 34.120.202.204	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	184.30.24.241 184.30.24.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	3.127.158.112 3.127.158.112	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 2	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:b000:c:90ee:6000:21	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	143.204.98.86 143.204.98.86	16509 (AMAZON-02) (AMAZON-02)
1	52.202.69.186 52.202.69.186	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.3.66.26 52.3.66.26	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
2	34.193.113.164 34.193.113.164	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.9 143.204.98.9	16509 (AMAZON-02) (AMAZON-02)
190	48

1 3.216.226.213 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-226-213.compute-1.amazonaws.com

onfido.mxelm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:2156:4e00:1e:f324:d0c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

onfido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 143.204.98.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-47.fra50.r.cloudfront.net

content.cdntwrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:3000:12:53a8:95c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cihost.uberflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 143.204.98.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-70.fra50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.232.28.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-6-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.217 (United States)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2156:8e00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.115.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-115-8.compute-1.amazonaws.com

web-analytics.engagio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.182.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-182-42.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.228.17.128 (Dublin, Ireland) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-17-128.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.217 (United States)

ASN54113 (FASTLY, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.158.112 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-158-112.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.36 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:b000:c:90ee:6000:21 (United States)

ASN16509 (AMAZON-02, US)

dn1f1hmdujj40.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.69.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-1-ue1.aws.pardot.com

go.onfido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.66.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-66-26.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.113.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-113-164.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-9.fra50.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 4748	751 KB
41	cdntwrk.com content.cdntwrk.com — Cisco Umbrella Rank: 49196	2 MB
24	adroll.com 15 redirects s.adroll.com — Cisco Umbrella Rank: 2263 d.adroll.com — Cisco Umbrella Rank: 1329	33 KB
15	onfido.com 1 redirects onfido.com — Cisco Umbrella Rank: 223560 go.onfido.com	122 KB
7	vimeocdn.com i.vimeocdn.com — Cisco Umbrella Rank: 2631 f.vimeocdn.com — Cisco Umbrella Rank: 2731 fresnel.vimeocdn.com — Cisco Umbrella Rank: 2642	228 KB
6	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 5238 bootstrap.api.drift.com — Cisco Umbrella Rank: 5485	473 B
6	uberflip.com cihost.uberflip.com — Cisco Umbrella Rank: 80375	72 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	1 KB
3	ml314.com ml314.com — Cisco Umbrella Rank: 1357 in.ml314.com — Cisco Umbrella Rank: 7281	13 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	40 KB
3	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4263 pipedream.wistia.com — Cisco Umbrella Rank: 5795	70 KB
2	company-target.com api.company-target.com — Cisco Umbrella Rank: 2778	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 265	1 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 356	744 B
2	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 307	520 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	114 KB
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1638 vimeo.com — Cisco Umbrella Rank: 1527	16 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 3601	4 KB
1	driftcdn.com embeds.driftcdn.com — Cisco Umbrella Rank: 5545	9 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2042	16 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2223	955 B
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 7294	863 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	295 B
1	cloudfront.net dn1f1hmdujj40.cloudfront.net	8 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 322	274 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 725	90 B
1	yahoo.com ads.yahoo.com — Cisco Umbrella Rank: 835	194 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 752	589 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 717	477 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 288	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 6342	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	engagio.com web-analytics.engagio.com — Cisco Umbrella Rank: 30990	32 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2019	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	65 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	mxelm.com 1 redirects onfido.mxelm.com	619 B
190	40

	Domain	Requested by
64	js.driftt.com	onfido.com js.driftt.com
41	content.cdntwrk.com	onfido.com content.cdntwrk.com
16	d.adroll.com	13 redirects s.adroll.com onfido.com
14	onfido.com	1 redirects onfido.com cihost.uberflip.com content.cdntwrk.com
8	s.adroll.com	2 redirects www.googletagmanager.com onfido.com s.adroll.com d.adroll.com
6	cihost.uberflip.com	onfido.com cihost.uberflip.com content.cdntwrk.com
4	metrics.api.drift.com	js.driftt.com
3	f.vimeocdn.com	player.vimeo.com
3	www.google-analytics.com	onfido.com www.google-analytics.com
2	bootstrap.api.drift.com	js.driftt.com
2	api.company-target.com	dn1f1hmdujj40.cloudfront.net js.driftt.com
2	cm.g.doubleclick.net	2 redirects
2	ib.adnxs.com	1 redirects onfido.com
2	x.bidswitch.net	1 redirects onfido.com
2	eb2.3lift.com	1 redirects onfido.com
2	pixel.advertising.com	1 redirects onfido.com
2	dsum-sec.casalemedia.com	1 redirects onfido.com
2	connect.facebook.net	d.adroll.com connect.facebook.net
2	fresnel.vimeocdn.com	f.vimeocdn.com
2	i.vimeocdn.com	player.vimeo.com
2	pi.pardot.com	onfido.com pi.pardot.com
2	ml314.com	onfido.com ml314.com
2	fast.wistia.com	onfido.com fast.wistia.com
1	embeds.driftcdn.com	js.driftt.com
1	js.hs-banner.com	js-na1.hs-scripts.com
1	pipedream.wistia.com	fast.wistia.com
1	track.hubspot.com
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	go.onfido.com	pi.pardot.com
1	www.facebook.com	onfido.com
1	dn1f1hmdujj40.cloudfront.net	web-analytics.engagio.com
1	us-u.openx.net	onfido.com
1	sync.taboola.com	onfido.com
1	ads.yahoo.com	onfido.com
1	image2.pubmatic.com	onfido.com
1	sync.outbrain.com	onfido.com
1	pixel.rubiconproject.com	onfido.com
1	vimeo.com	f.vimeocdn.com
1	www.google.de	onfido.com
1	www.google.com	onfido.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	in.ml314.com	ml314.com
1	web-analytics.engagio.com	onfido.com
1	player.vimeo.com	onfido.com
1	js.hs-analytics.net	onfido.com
1	www.googletagmanager.com	onfido.com
1	maxcdn.bootstrapcdn.com	onfido.com
1	fonts.googleapis.com	onfido.com
1	onfido.mxelm.com	1 redirects
190	49

This site contains links to these domains. Also see Links.

Domain
support.onfido.com
developers.onfido.com
documentation.onfido.com
onfido-support.zendesk.com
onfido.statuspage.io
content.cdntwrk.com
www.aicpa.org
www.linkedin.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
*.onfido.com Amazon	`2022-01-11` - `2023-02-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
content.cdntwrk.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-17` - `2023-02-11`	a year	crt.sh
*.uberflip.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.ml314.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-09-15` - `2022-10-17`	a year	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
*.engagio.com Amazon	`2021-07-06` - `2022-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2022-02-12` - `2022-05-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-30` - `2022-02-28`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
go.onfido.com R3	`2022-01-02` - `2022-04-02`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.wistia.com Amazon	`2021-04-01` - `2022-04-30`	a year	crt.sh
*.driftcdn.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Frame ID: 697798626C48342E95EFB9A5D94D352F
Requests: 93 HTTP requests in this frame

Frame: https://onfido.com/resources/i/1436436?source=hub&expanded=false&hubItemID=670419435&m4
Frame ID: C358EAEF9A1412751D9444305FC73012
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/349909956?color=3640f5&title=0&byline=0&portrait=0
Frame ID: F44441479E9F6757180A5C350BE08E00
Requests: 9 HTTP requests in this frame

Frame: https://onfido.com/resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=
Frame ID: 4B383C23C73FD206AF7257F52CF4DF3D
Requests: 18 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
Frame ID: 2801F262D2C5962E6BF74A815C8CDADB
Requests: 34 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
Frame ID: 12DC21FB8ADAF77CF533E7F85343F9D2
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Identity Fraud Report 2022

Page URL History Show full URLs

https://onfido.mxelm.com/61dec9e95728f70accdb69ad/l/ioeAXtdXvCzzyASck?messageId=o5TWcIRgep9cngHJh&rn=... HTTP 302
https://onfido.com/resources/financial-services/identity-fraud-report-2022 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Engagio (Analytics) Expand

Overall confidence: 100%
Detected patterns

web-analytics\.engagio\.com/js/ei\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

190
Requests

92 %
HTTPS

39 %
IPv6

40
Domains

49
Subdomains

48
IPs

6
Countries

3852 kB
Transfer

9923 kB
Size

46
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://support.onfido.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://developers.onfido.com/
Title: Developer Hub

Search URL Search Domain Scan URL

URL: https://documentation.onfido.com/
Title: API reference

Search URL Search Domain Scan URL

URL: https://onfido-support.zendesk.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://onfido.statuspage.io/
Title: Service status

Search URL Search Domain Scan URL

URL: https://content.cdntwrk.com/files/aT0xNDM2NDM2JnY9MiZpc3N1ZU5hbWU9aWRlbnRpdHktZnJhdWQtcmVwb3J0LTIwMjImY21kPWQmc2lnPWFhNDRiYjZmZjY2NjI5MDAyMjk3ZWMxYzQyMmVlMGU5
Title: Download PDF

Search URL Search Domain Scan URL

URL: https://www.aicpa.org/soc4so

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/onfido

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Onfido/

Search URL Search Domain Scan URL

URL: https://twitter.com/Onfido

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://onfido.mxelm.com/61dec9e95728f70accdb69ad/l/ioeAXtdXvCzzyASck?messageId=o5TWcIRgep9cngHJh&rn=&re=i02bj5yciRGQulGb5d2ZlBnI&sc=false HTTP 302
https://onfido.com/resources/financial-services/identity-fraud-report-2022 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://onfido.com/resources/i/1436436?source=hub&expanded=false&hubItemID=670419435&m4 HTTP 301
https://onfido.com/resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=

Request Chain 59

https://s.adroll.com/j/exp/C76YWNYYC5B5ZIQSOH75HC/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 60

https://s.adroll.com/j/pre/C76YWNYYC5B5ZIQSOH75HC/YLBPTSVDJ5DJNC644KA5XS/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 74

https://d.adroll.com/pixel/C76YWNYYC5B5ZIQSOH75HC/YLBPTSVDJ5DJNC644KA5XS?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&pv=78563675861.23196&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/C76YWNYYC5B5ZIQSOH75HC/YLBPTSVDJ5DJNC644KA5XS/XOYPTSRDXJBN3MTI3WL2VH.js

Request Chain 78

https://d.adroll.com/cm/index/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C76YWNYYC5B5ZIQSOH75HC HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&expiration=1676968445 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&expiration=1676968445&C=1

Request Chain 79

https://d.adroll.com/cm/n/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C76YWNYYC5B5ZIQSOH75HC HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&expires=365

Request Chain 80

https://d.adroll.com/cm/onevideo/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C76YWNYYC5B5ZIQSOH75HC HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 81

https://d.adroll.com/cm/outbrain/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C76YWNYYC5B5ZIQSOH75HC HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I

Request Chain 82

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C76YWNYYC5B5ZIQSOH75HC HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 83

https://d.adroll.com/cm/r/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C76YWNYYC5B5ZIQSOH75HC HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 84

https://d.adroll.com/cm/taboola/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C76YWNYYC5B5ZIQSOH75HC HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I

Request Chain 85

https://d.adroll.com/cm/triplelift/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C76YWNYYC5B5ZIQSOH75HC HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 86

https://d.adroll.com/cm/b/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C76YWNYYC5B5ZIQSOH75HC HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I

Request Chain 87

https://d.adroll.com/cm/x/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C76YWNYYC5B5ZIQSOH75HC HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I

Request Chain 89

https://d.adroll.com/cm/o/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C76YWNYYC5B5ZIQSOH75HC HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=4f781afa24232b9be5e8aca2136d2e7b

Request Chain 90

https://d.adroll.com/cm/g/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C76YWNYYC5B5ZIQSOH75HC&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=T3ga-iQjK5vl6KyiE20uew HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=T3ga-iQjK5vl6KyiE20uew&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

190 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request identity-fraud-report-2022 Show response
onfido.com/resources/financial-services/
Redirect Chain

https://onfido.mxelm.com/61dec9e95728f70accdb69ad/l/ioeAXtdXvCzzyASck?messageId=o5TWcIRgep9cngHJh&rn=&re=i02bj5yciRGQulGb5d2ZlBnI&sc=false
https://onfido.com/resources/financial-services/identity-fraud-report-2022

330 KB
67 KB

993ms
958ms

Document
text/html

2600:9000:2156:4e00:1e:f324:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:1e:f324:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e0523d2f3011f89e81f628a5041b9a56e849f91e4927f0272c16fbc5cee5f3d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-length: 67563
server: CloudFront
content-encoding: gzip
content-language: en-US
date: Mon, 21 Feb 2022 08:34:03 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' https://*.onfido.com/
strict-transport-security: max-age=31536000; includeSubDomains
cloudfront-viewer-country: DE
x-cache: Miss from cloudfront
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nLC7Fa4RNZ65jURbemJ7__Hsi6LdDk7IbhIeLF8fuO6hd7PpI9KVcQ==

Redirect headers

date: Mon, 21 Feb 2022 08:34:03 GMT
content-type: text/html; charset=utf-8
content-length: 192
location: https://onfido.com/resources/financial-services/identity-fraud-report-2022
x-robots-tag: noindex, nofollow
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=7200
content-security-policy: frame-ancestors 'self' https://*.mixmax.com chrome-extension://ocpljaamllnldhepankaeljmeeeghnid chrome-extension://acopemiijaedckfmlemjdimcnphgbald https://mail.google.com https://inbox.google.com https://*.force.com https://*.salesforce.com; frame-src; report-uri /csp-violation
referrer-policy: no-referrer
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
x-ratelimit-limit: 100
x-ratelimit-reset: 1645518021
x-ratelimit-remaining: 94
vary: Accept, Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 135ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C800italic%2C400%2C300%2C600%2C700%2C800

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1c99808164dd6b9ba56702e3dc6a82987f6f1d06542929d7757890ff8258a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 06:39:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Feb 2022 08:34:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Feb 2022 08:34:04 GMT

GET
H2 200 hubs.700fcd931175db64c535.css
content.cdntwrk.com/css/hubs/ 262 KB
44 KB 52ms
8ms Stylesheet
text/css 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/css/hubs/hubs.700fcd931175db64c535.css
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9311ba0e89a1aa8e566f2aae2a3e8222814d5f086c8221491a722bf4d5988726

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:26 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 17:29:30 GMT
server: AmazonS3
age: 183639
etag: W/"ac4551e5a360fdaa07e7f62b62683a0c"
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: S6dG7ksrYY8cLKJRKC5ykvSp5ggFkG45iHXiwa3BAdNRSU6mmiJY8A==
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)

GET
H2 200 style.css
cihost.uberflip.com/onfido/master/build/ 60 KB
10 KB 57ms
8ms Stylesheet
text/css 2600:9000:2156:3000:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/onfido/master/build/style.css
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a7d935b2f0c9a1c902a372fdf426122c83553dc29e9f82b9a2109bcf79476b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 01:04:32 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 09:39:44 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1624959580/ctime:1624959580/gid:121/gname:docker/md5:c2c934fa99c1a278c0a8b2963f53c331/mode:33188/mtime:1624959580/uid:1001/uname:runner
age: 26973
etag: W/"c2c934fa99c1a278c0a8b2963f53c331"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9JtlrXT1b3-5u1Bt-QiSyjPNokwe94Id6iCbZBH6wubGOPDC-2LY9A==

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 28 KB
7 KB 51ms
33ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 2335141
cdn-cachedat: 2021-06-08 14:31:08
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b899366e5f4fc46a265ab7b0c6e6a259
cf-ray: 6e0ea228fe7690ee-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVlODU4OWJiZDk4YjIuanBnJnZlcnNpb249MDAwMCZzaWc9NzgyNDg3OWE4ZGE5NDU1OWMzMTMyM2Y3YWMwOWQzNzE%253D
content.cdntwrk.com/files/ 35 KB
36 KB 9ms
9ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVlODU4OWJiZDk4YjIuanBnJnZlcnNpb249MDAwMCZzaWc9NzgyNDg3OWE4ZGE5NDU1OWMzMTMyM2Y3YWMwOWQzNzE%253D
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 71e3e74105965601c0ca9a2b8b2367c1027ff7c9a9fc0a29dfb2f00557875915

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:31:41 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Thu, 02 Apr 2020 06:44:12 GMT
age: 13712543
etag: "1585809852-92173ddfafe7cf06b83417de194d68bb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
content-disposition: inline; filename="itemeditorimage_5e8589bbd98b2.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 36347
x-amz-cf-id: QcI-xc_hYgqo-8SNTRAPHlq-y5ggvMdKKalfNcnimDjRWd1XgxZHEA==

GET
H2 200 c6atf3fkxbzf.js Show response
js.driftt.com/include/1645432500000/ 228 KB
65 KB 168ms
129ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1645432500000/c6atf3fkxbzf.js

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

26d1f8df59f501200b5889d69c5e0f20a0e21f72a59526d2b298a2b41aecfa1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:04 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 17:02:23 GMT
server: nginx
etag: W/"1436a50ba1566b47e5386f13b5f845cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u9qbIyi92TsskY9JfPefqUI9Ka_oo6Jd
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tw2Qe3R0EMsnR34uR5YI1ITvXGLYuqLV6T35t1thlAhuQ3qpl7zeMA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
65 KB 135ms
49ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNP3H4H

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18774613cbffdfcdec96bbdbb05046de4509437f3230b830d06bf75b584c4b71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66434
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Feb 2022 08:34:04 GMT

GET
H2 200 subset-LotaGrotesqueAlt1-Regular.woff2
cihost.uberflip.com/onfido/master/build/fonts/ 13 KB
13 KB 31ms
8ms Font
font/woff2 2600:9000:2156:3000:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/onfido/master/build/fonts/subset-LotaGrotesqueAlt1-Regular.woff2
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/onfido/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dae696bfce1988e20490797da2f231873abdb4b7829a8a142410bf880d6a163d

Request headers

Referer: https://cihost.uberflip.com/onfido/master/build/style.css
Origin: https://onfido.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:33:41 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age: 24
x-cache: Hit from cloudfront
content-length: 13224
last-modified: Fri, 11 Oct 2019 13:09:47 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1570734034/ctime:1570734034/gid:20/gname:staff/md5:9d4b1649f7ab021ee2294c450731b031/mode:33188/mtime:1570734034/uid:502/uname:modip
etag: "9d4b1649f7ab021ee2294c450731b031"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: TmvvWAxkQGmhndsKK8j-DTnGtIkpTILrptmdOTCBSGeVd80p0OoDDA==

GET
H2 200 ajax-loader-white-2x.gif
content.cdntwrk.com/img/hubs/ 3 KB
3 KB 12ms
11ms Image
image/gif 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/ajax-loader-white-2x.gif?v=19a554b579c4
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 21:50:21 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jan 2022 17:29:32 GMT
server: AmazonS3
age: 39277
etag: "5217392f882b27d35ec2e72946f2df7e"
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2707
x-amz-cf-id: ypvVUrfQFXP4iY9k1d6PDf6G5ORrCkaq7L-cP5YS_jx9u44oUe8_FQ==

GET
H2 200 chevron-down-64x64.png
content.cdntwrk.com/img/hubs/ 760 B
1 KB 12ms
11ms Image
image/png 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/chevron-down-64x64.png?v=78668873251b
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e240679c3215c840cf754104fe7291c77f2f52ad551c95e8c8364d0124938ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 21:50:21 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jan 2022 17:29:33 GMT
server: AmazonS3
age: 39277
etag: "26818bdf0706c780af4a52b44ea17fdc"
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 760
x-amz-cf-id: o7wopWSnoke1JCeuJBMFY9uC_HARVoTxbz9B581cXWiRjwFNZ2clmw==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 33 KB
34 KB 12ms
11ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNmYxNmI4M2Y0ZWUucG5nJnZlcnNpb249MDAwMCZzaWc9ZTY0M2EyMDIzOWQwYTNjYWUzMzkyMzhlZjU0YTk2MjY%25253D&size=1&version=1617957773&sig=46e42fe15d00d4242a5da1d3c43c4ba5&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 0be21a970587476842c1e21d15551c1bb68282f7a407be63b4490ea0f10e8b26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 08:45:07 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Fri, 09 Apr 2021 08:44:57 GMT
age: 27474537
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwNmYxNmI4M2Y0ZWUucG5nJnZlcnNpb249MDAwMCZzaWc9ZTY0M2EyMDIzOWQwYTNjYWUzMzkyMzhlZjU0YTk2MjY%253D.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 34097
x-amz-cf-id: lFyldT9BrLNRkN5PMGb2vrfi5vQwXpx5nSN752Vy_gQjJ_E1EdJXvw==

GET
H2 200 aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYxNDliMjNhNWQzNTIuanBnJnZlcnNpb249MDAwMCZzaWc9NDk5YTU3NGU5YzYzYTUxNDU5Zjk2NDczNzNkZmZlNmU%253D
content.cdntwrk.com/files/ 53 KB
54 KB 13ms
13ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYxNDliMjNhNWQzNTIuanBnJnZlcnNpb249MDAwMCZzaWc9NDk5YTU3NGU5YzYzYTUxNDU5Zjk2NDczNzNkZmZlNmU%253D
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: c2fec7c9522aa2090f05ebd5b3440e25ece9813d56222b6ea22e9590c4d6a51a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 08:46:54 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Tue, 21 Sep 2021 10:21:47 GMT
age: 4837630
etag: "1632219707-cee2eb3f5247fc90c75580db45eebeb5"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
content-disposition: inline; filename="itemeditorimage_6149b23a5d352.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 54537
x-amz-cf-id: vQAt7_prz-V5SO_zOuKbIpAX8XPGqkaItzb-JavQ5widKlRARYZG_g==

GET
H2 200 aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYxNmU5MDA3OTBiMmMucG5nJnZlcnNpb249MDAwMCZzaWc9ZjA4NTk1NmE4MGU5NmEzZDFmZTkzNzFjNGFiZTE3ZDc%253D
content.cdntwrk.com/files/ 103 KB
103 KB 15ms
14ms Image
image/png 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYxNmU5MDA3OTBiMmMucG5nJnZlcnNpb249MDAwMCZzaWc9ZjA4NTk1NmE4MGU5NmEzZDFmZTkzNzFjNGFiZTE3ZDc%253D
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 274bffaf20eac6ef6204cbc3e49469c665f87bb6eba917fa9ed249473e6d0059

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 19:23:21 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Tue, 19 Oct 2021 09:29:44 GMT
age: 10761043
etag: "1634635784-63c2b79972be69a5724f8bd3600e4c69"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=15552000
content-disposition: inline; filename="itemeditorimage_616e900790b2c.png"
x-amz-cf-pop: FRA50-C1
content-length: 105043
x-amz-cf-id: jru-mntp0XPofyiQas8YEnI-qyObEH1ZTyNMv0qNR2g0IY5fPSFcXw==

GET
H2 200 -w-320.jpg
content.cdntwrk.com/files/aT0xMzExODM1JnA9MCZ2ZXJzaW9uPTImY21kPXYmc2lnPWJkMjdlODViNjU1YjlkMGY0NmI4M2FjN2JkMmQzNjUz/ 17 KB
17 KB 20ms
19ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aT0xMzExODM1JnA9MCZ2ZXJzaW9uPTImY21kPXYmc2lnPWJkMjdlODViNjU1YjlkMGY0NmI4M2FjN2JkMmQzNjUz/-w-320.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: a6bef5c8fd53a2981c4a1e875871cf09707b5b98a31f084a00668c1a63871d40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:06 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Mon, 31 Jan 2022 09:01:06 GMT
age: 1812778
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
content-disposition: inline; filename="s3_custom_size_image_61f7a55280a9f.jpg"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: JRDBSc8aVToA-mTE1ZbjSQFyiR_shK-njiSC1qNeY-uUZLA7cBBzwA==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 45 KB
46 KB 21ms
20ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYxNzE5MzY3N2ViOGQuanBnJnZlcnNpb249MDAwMCZzaWc9YWRjNTkxNWRkZjMxYTUwZmYxZGI1MDZhNDVhYmJkYWU%25253D&size=1&version=1635523861&sig=ddefb05437a89402f6084a1766f67b65&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: ef101b65e88cbdea5acb268e2b6bd8e86e6e33dc1a3eb059f183de4f7a40e9f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:00:10 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Sun, 05 Dec 2021 12:00:00 GMT
age: 6726834
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYxNzE5MzY3N2ViOGQuanBnJnZlcnNpb249MDAwMCZzaWc9YWRjNTkxNWRkZjMxYTUwZmYxZGI1MDZhNDVhYmJkYWU%253D.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 46558
x-amz-cf-id: TyihohUkat1y3ZkIVyNiyJJtHAKU7vtwej9bAIaKMjfPaIudbLMBGw==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 28 KB
28 KB 23ms
22ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwN2VjY2UzY2YxMGYucG5nJnZlcnNpb249MDAwMCZzaWc9MjdmOGJlMWY3ZDEzYjM1YTA4YzRiYjcwZDI3YzUzOTk%25253D&size=1&version=1618922726&sig=2c36c25f6a64e8f081b8f21930ec56ed&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 2c13b048cd9aaf28aa07d167ea49c9f98042f7b6a9fa7cfd67be2dc6e24d6a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:05:37 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Mon, 31 Jan 2022 11:05:27 GMT
age: 1805307
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwN2VjY2UzY2YxMGYucG5nJnZlcnNpb249MDAwMCZzaWc9MjdmOGJlMWY3ZDEzYjM1YTA4YzRiYjcwZDI3YzUzOTk%253D.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 28259
x-amz-cf-id: 0H_QZh9jTGHC5Mh_bKUJIdtj7t7GrLPAsA_e4MdVQTZ91ZWscI54Fg==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 18 KB
18 KB 25ms
23ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVlMzAzOTQ0YjM1NzMucG5nJnZlcnNpb249MDAwMCZzaWc9Mjk1NWJiYTFjMmExY2NmYWExNDZjODgyYjQxNmI1NTM%25253D&size=1&version=1645101840&sig=44aea913c63704dff9e2772cf53ef3d5&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 83fab61d0fe39edfc92fdf99cbb37071e080389d4a0d851f7839f6cb6d0a4cf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 13:43:46 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Thu, 17 Feb 2022 13:43:36 GMT
age: 327018
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVlMzAzOTQ0YjM1NzMucG5nJnZlcnNpb249MDAwMCZzaWc9Mjk1NWJiYTFjMmExY2NmYWExNDZjODgyYjQxNmI1NTM%253D.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 18003
x-amz-cf-id: C_YfXAIindHEDMvOyDHSdJbHAboGeXDimCuyf7wZnX3i-4P6yM5lgA==

GET
H2 200 -w-320.jpg
content.cdntwrk.com/files/aT0xMzg5NTc4JnA9MCZ2ZXJzaW9uPTEmY21kPXYmc2lnPTkxZjU1M2YyNWQ0M2Q5OTU3ZWUyZGU1NmQ5ZWMyYWI5/ 17 KB
17 KB 25ms
23ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aT0xMzg5NTc4JnA9MCZ2ZXJzaW9uPTEmY21kPXYmc2lnPTkxZjU1M2YyNWQ0M2Q5OTU3ZWUyZGU1NmQ5ZWMyYWI5/-w-320.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 3de255b94369329acaefdd84512223aca857aca6d24de12b3114147a935fbab7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 11:08:08 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Thu, 10 Feb 2022 11:08:08 GMT
age: 941156
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
content-disposition: inline; filename="s3_custom_size_image_6204f21830093.jpg"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: iX7YZ3El0LS4LgVdcgZracdJM6MiaR3L_GRK8pTSGjO1K1WszEDbRA==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 19 KB
19 KB 25ms
23ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwMTJhZDEwM2VjOGQucG5nJnZlcnNpb249MDAwMCZzaWc9MWIyYjJhZGE2YjMzNzVjNTc1MTRlMWI4MmZiODU0NDA%25253D&size=1&version=1611936685&sig=9834657e0438e45d3c6a995cd8695200&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 105a6cdb6b72b534878ab2cb9b5baaab555b0dc686de5fa82cffafb86fca7ed8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 11:05:37 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Mon, 31 Jan 2022 11:05:27 GMT
age: 1805307
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwMTJhZDEwM2VjOGQucG5nJnZlcnNpb249MDAwMCZzaWc9MWIyYjJhZGE2YjMzNzVjNTc1MTRlMWI4MmZiODU0NDA%253D.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 19378
x-amz-cf-id: kfmNLgs07TwxtiHOzd_LUndIoXjNlb_HiMxq0sDQBFQakCqRhBaokQ==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 12 KB
13 KB 26ms
24ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYxZTk3MDNkNGRmOTMucG5nJnZlcnNpb249MDAwMCZzaWc9Nzk3NTFiMDRiYmViNTczZGU1ZTcxNGUzZTM0M2M2ZDM%25253D&size=1&version=1644333131&sig=5ade467dd0f598fa4443e4b5748da945&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 3e8b96628b637ddddfa3dfcc957a74f90ca98b4021786fae8d0a70130cbb86c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 15:27:39 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Tue, 08 Feb 2022 15:27:29 GMT
age: 1098385
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYxZTk3MDNkNGRmOTMucG5nJnZlcnNpb249MDAwMCZzaWc9Nzk3NTFiMDRiYmViNTczZGU1ZTcxNGUzZTM0M2M2ZDM%253D.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 12692
x-amz-cf-id: Z9FkbOOdALwWX8msMK2lAGoqVnObUfcn7ET5WQW-Gpqze22Gwi-onA==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 45 KB
46 KB 26ms
24ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYmE0MjYzODkwZmQucG5nJnZlcnNpb249MDAwMCZzaWc9NzE1NzRmYTU4NzhlNDI4YTI1Zjg0ZGQ2OWRjYTU4YzY%25253D&size=1&version=1622819428&sig=4e7ef4a4a7f6d559e32520a44516d0ba&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 404b6bf7739d7d903274c4f4dd8b6adc408f42ad8f7d77db39a649360d1624c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 13:24:11 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 13:24:01 GMT
age: 587393
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYwYmE0MjYzODkwZmQucG5nJnZlcnNpb249MDAwMCZzaWc9NzE1NzRmYTU4NzhlNDI4YTI1Zjg0ZGQ2OWRjYTU4YzY%253D.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 46354
x-amz-cf-id: OAorUm_D_ecmEfkBpuan9Js-20wWtwkFY4pklJa9DRfOcjvaPHHIBA==

GET
H2 200 aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYxNDFhODNmMzlmZDEucG5nJnZlcnNpb249MDAwMCZzaWc9ZGIxMGRlMmE5NWYyOWMwOTEwZWUxYTNjNjg3MjYwYzQ%253D
content.cdntwrk.com/files/ 91 KB
91 KB 27ms
25ms Image
image/png 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYxNDFhODNmMzlmZDEucG5nJnZlcnNpb249MDAwMCZzaWc9ZGIxMGRlMmE5NWYyOWMwOTEwZWUxYTNjNjg3MjYwYzQ%253D
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 7e10fc889775d96bb2ab1e30af1d9e9abedbb8e201548500f2fb4f70fc6faf9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 08:54:13 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Wed, 15 Sep 2021 08:01:04 GMT
age: 13736391
etag: "1631692864-fe128584100c716b6661cf9e2b514273"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=15552000
content-disposition: inline; filename="itemeditorimage_6141a83f39fd1.png"
x-amz-cf-pop: FRA50-C1
content-length: 93110
x-amz-cf-id: Jn5E2693W_zRTjrWnL56mIeGLj-CCzZhESUZ7P7X330ILYsmp3hVsw==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 16 KB
16 KB 28ms
26ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVmOGRhNWU4MjAxYzAucG5nJnZlcnNpb249MDAwMCZzaWc9ZjRmNGYzMjU3NGQ3ZGFlZTAyZjk3OTk2NTc1MTk3ZjI%25253D&size=1&version=1644838521&sig=deb4b1b5765c8f6e8184f360703bb33a&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: b44982a8d8a7d3a8688fe8fb66fd78a44451ae78102d09319415a323d73ee60c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 13:24:11 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 13:24:01 GMT
age: 587393
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVmOGRhNWU4MjAxYzAucG5nJnZlcnNpb249MDAwMCZzaWc9ZjRmNGYzMjU3NGQ3ZGFlZTAyZjk3OTk2NTc1MTk3ZjI%253D.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 16144
x-amz-cf-id: TXE8msXY2XyweXyGWVBxEQZnYni8qHO4hKimrqMOe4RpuPsnuVAyQQ==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 20 KB
21 KB 28ms
27ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVlZTM4YTA5OTE5OGMucG5nJnZlcnNpb249MDAwMCZzaWc9M2RhN2FlZjNkYjNmYmM1Y2JlZDRiYmZjZDA2YjM1M2M%25253D&size=1&version=1606478684&sig=69d349f6376539bd095c41caf76e21c8&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: c6e9f7edaeaa678f248ce56e7af08ba86f1c1a2eee3ad1d5264e7bfe929ddead

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 13:24:11 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 13:24:01 GMT
age: 587393
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVlZTM4YTA5OTE5OGMucG5nJnZlcnNpb249MDAwMCZzaWc9M2RhN2FlZjNkYjNmYmM1Y2JlZDRiYmZjZDA2YjM1M2M%253D.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 20933
x-amz-cf-id: oZhbKoMmSafDZ_G0YyoPLeEKOX2hlzRdhm5jQePcAeVwBATTlI6XYw==

GET
H2 200 aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVlNzBlYjhkNTk5NGYucG5nJnZlcnNpb249MDAwMCZzaWc9YThjYTkwYjI3OTBjMjg1ZjM2MmNjYzUzMWU5NTBmZDQ%253D
content.cdntwrk.com/files/ 23 KB
23 KB 29ms
27ms Image
image/png 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVlNzBlYjhkNTk5NGYucG5nJnZlcnNpb249MDAwMCZzaWc9YThjYTkwYjI3OTBjMjg1ZjM2MmNjYzUzMWU5NTBmZDQ%253D
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 95aae00c9d9ac25970bf4a37494f447ed8c4f3a38353a71edee8f4397737ccdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 08:57:32 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Tue, 17 Mar 2020 15:23:58 GMT
age: 603392
etag: "1584458638-75c806fbf5359d6493a8597fa937a62b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=15552000
content-disposition: inline; filename="itemeditorimage_5e70eb8d5994f.png"
x-amz-cf-pop: FRA50-C1
content-length: 23275
x-amz-cf-id: pWY1W5h_3G2rK3ORYJ31igH4gLbJd65-Q2HvU2PBqIlqzTDWYR9cOQ==

GET
H2 200 -w-320.jpg
content.cdntwrk.com/files/aT0xMjEwNzUyJnA9MCZ2ZXJzaW9uPTEmY21kPXYmc2lnPWZhOTg0OGZkNTgyZjZlNmNjMjM3Yzk1ZTdjYzhmZmZj/ 9 KB
9 KB 32ms
31ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aT0xMjEwNzUyJnA9MCZ2ZXJzaW9uPTEmY21kPXYmc2lnPWZhOTg0OGZkNTgyZjZlNmNjMjM3Yzk1ZTdjYzhmZmZj/-w-320.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: da8c9aa56a46840e5613104832d072b3ab33d0a3d00df7d7a7b2bdb1cc79d3ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:27:47 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Mon, 31 Jan 2022 10:27:47 GMT
age: 1807577
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
content-disposition: inline; filename="s3_custom_size_image_61f7b9a3504bd.jpg"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: H1faaACoaW1Y3oRNmVlDzkih7giZTYuJvpznBUDpNrolrnbxlRs9ag==

GET
H2 200 aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVmZTFjOWM1ZjJkNGIucG5nJnZlcnNpb249MDAwMCZzaWc9ZDMyOTdjODJhMzJkM2Y1Y2Y1YTFhOGNiZGFmYjQzZDI%253D
content.cdntwrk.com/files/ 12 KB
13 KB 29ms
28ms Image
image/png 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVmZTFjOWM1ZjJkNGIucG5nJnZlcnNpb249MDAwMCZzaWc9ZDMyOTdjODJhMzJkM2Y1Y2Y1YTFhOGNiZGFmYjQzZDI%253D
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 8b9bc04940e4e451d515ef3ab9253b9ee0bef2a3c82ca4dcbda0db44d2768c39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:49:14 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Tue, 22 Dec 2020 10:26:15 GMT
age: 14773490
etag: "1608632775-c2810260b00d4cf0cd8218ba87eb7efd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=15552000
content-disposition: inline; filename="itemeditorimage_5fe1c9c5f2d4b.png"
x-amz-cf-pop: FRA50-C1
content-length: 12516
x-amz-cf-id: xkZQvT8aC5xCz-9SKqdRtZ26Mz6gNNkwyt_yEBaxOA5KPmfiAQF9EA==

GET
H2 200 aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYxNzgyYzk3YTAzNGEucG5nJnZlcnNpb249MDAwMCZzaWc9N2U2NWM3NGRkN2U4OGJkM2VhY2E4YjJjODBhYTNlNDc%253D
content.cdntwrk.com/files/ 11 KB
12 KB 29ms
28ms Image
image/png 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzYxNzgyYzk3YTAzNGEucG5nJnZlcnNpb249MDAwMCZzaWc9N2U2NWM3NGRkN2U4OGJkM2VhY2E4YjJjODBhYTNlNDc%253D
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 38694e3e3b50c2482665c7604294afa087e345458afe6c8ad593dd6f739ff094

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 10:24:25 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 16:28:08 GMT
age: 9583779
etag: "1635265688-6ca56586f8d67056c8b19a123308a1bd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=15552000
content-disposition: inline; filename="itemeditorimage_61782c97a034a.png"
x-amz-cf-pop: FRA50-C1
content-length: 11441
x-amz-cf-id: OJRiGtgKePU7bP1agN9JPhecrsZ7K7m8hHkHqgsvNNcAqupKTGCIAA==

GET
H2 200 mediaproxy
content.cdntwrk.com/ 50 KB
50 KB 30ms
29ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVmNjM2ZGE2NDk5MzMucG5nJnZlcnNpb249MDAwMCZzaWc9OTllNzBmZDJhNTEyZDE0YWJiZjY1MDg5YmQ4MWFiYmY%25253D&size=1&version=1644836471&sig=9373461f48c9c25238af848ce7455480&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 99ac7112fc76e40889470899fdf23abde6103b98d80460022ade31d2a285ad64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 13:24:18 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 13:24:08 GMT
age: 587386
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1234567890
content-disposition: inline; filename="aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVmNjM2ZGE2NDk5MzMucG5nJnZlcnNpb249MDAwMCZzaWc9OTllNzBmZDJhNTEyZDE0YWJiZjY1MDg5YmQ4MWFiYmY%253D.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 51112
x-amz-cf-id: I7uAtNMMSw-aRzHy1VeznXfplqnvG-MX8OUsiW4DOud337fPQTb3oQ==

GET
H2 200 -w-320.jpg
content.cdntwrk.com/files/aT0xMzU3Mzc1JnA9MCZ2ZXJzaW9uPTEmY21kPXYmc2lnPTkyOTZhYjYwNGJiZGI3MDQ1NzAwMjNhNjg4M2Y2ZWNk/ 23 KB
23 KB 30ms
30ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aT0xMzU3Mzc1JnA9MCZ2ZXJzaW9uPTEmY21kPXYmc2lnPTkyOTZhYjYwNGJiZGI3MDQ1NzAwMjNhNjg4M2Y2ZWNk/-w-320.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 521b506ae8f575095087415bcc720ceb0478eb18ab41240aa3c6bf4537369b36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:04:58 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 14:04:59 GMT
age: 1189745
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
content-disposition: inline; filename="s3_custom_size_image_6201270aee97e.jpg"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: w4aPFiaFNLu6ZMaui3kwypzhjBZBmbXuJY8_2Qggbcv_NeqkaX4jTA==

GET
H2 200 hubs_app.700fcd931175db64c535.js Show response
content.cdntwrk.com/js/hubs/ 1 MB
311 KB 30ms
30ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/js/hubs/hubs_app.700fcd931175db64c535.js
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1a42e37a1d6048a04aee2679303fcfb210e2df96abd3d753f09e767ddd245d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 05:52:11 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 17:29:37 GMT
server: AmazonS3
age: 9812
etag: W/"08b152ceba8b03c4b1808105b942a78f"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9iPf4eYvqk2nO0LuJ3BunoBYuP-QEIj1P8hVTYc8UVpWPlpK8VP9Nw==
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)

GET
H2 200 integrations-hubspot-v1.js Show response
fast.wistia.com/static/ 16 KB
5 KB 33ms
7ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/static/integrations-hubspot-v1.js

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

20ef65f2151a12a282e7cbfd3ce609d50fd93ff3466c46686ade72a0ffadda5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:04 GMT
content-encoding: br
vary: Accept-Encoding
age: 1300
x-cache: HIT, HIT
content-length: 4471
x-served-by: cache-iad-kjyo7100071-IAD, cache-hhn4042-HHN
access-control-allow-origin: *
x-browser-version: 98
last-modified: Mon, 14 Feb 2022 19:30:13 GMT
x-timer: S1645432444.497582,VS0,VE0
etag: "620aadc5-1177"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 7

GET 1436436
onfido.com/resources/i/ Frame C358 0
0

GET
H2 200 soc-2.svg
onfido.com/images/footer/ 19 KB
8 KB 8ms
8ms Image
image/svg+xml 2600:9000:2156:4e00:1e:f324:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onfido.com/images/footer/soc-2.svg

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:1e:f324:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5dba743d2f6b4d888e1b70d586888098cdfd3bbf0d768490d7ad21e337a8bfda

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/resources/financial-services/identity-fraud-report-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 08:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1556057
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 17 Sep 2020 11:12:57 GMT
server: AmazonS3
etag: W/"8da75f83393ed88fc523e285d85245c5"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=315360000, no-transform, public
content-security-policy: frame-ancestors 'self' https://*.onfido.com/
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6XhfLxpcv01iloAOF99ggw-KKqhEqa7i3So1rOpRTJQJiPWDmkryMA==

GET
H2 200 bsiIsoIec.svg
onfido.com/images/footer/ 15 KB
6 KB 9ms
8ms Image
image/svg+xml 2600:9000:2156:4e00:1e:f324:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onfido.com/images/footer/bsiIsoIec.svg

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:1e:f324:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e955796dfb214de145c92a5764eaa5c8157eb5f4ec7fd15fba525d5bd87cd71b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/resources/financial-services/identity-fraud-report-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 14:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5941752
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 17 Sep 2020 11:12:57 GMT
server: AmazonS3
etag: W/"51f3dd33e4365731c97d8732fc6f6811"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: max-age=315360000, no-transform, public
content-security-policy: frame-ancestors 'self' https://*.onfido.com/
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: UAHRv89U-MJZBPWX5c0pKy5QQOxdkUPIhjQ18na9P2dcubfn_AoNtw==

GET
H2 200 onbrand.bundle.js Show response
cihost.uberflip.com/onfido/master/build/ 16 KB
5 KB 9ms
9ms Script
application/javascript 2600:9000:2156:3000:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/onfido/master/build/onbrand.bundle.js
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df9bfafb474d3450e066e8202577ab8150ef8c4b172bbaf78037c09cb44c610d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 08:54:34 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 09:39:44 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1624959580/ctime:1624959580/gid:121/gname:docker/md5:fcd04d5a98f41cb0249d5457ffa0c44e/mode:33188/mtime:1624959580/uid:1001/uname:runner
age: 85171
etag: W/"fcd04d5a98f41cb0249d5457ffa0c44e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9i9YPc0eNzcQQ_tOVLr6DWFTLuR7kn1v6H3dSDSFLpevqqzQ9J3d4g==

GET
H2 200 sprite-1x.png
content.cdntwrk.com/img/hubs/ 59 KB
60 KB 24ms
24ms Image
image/png 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/sprite-1x.png
Requested by: Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/css/hubs/hubs.700fcd931175db64c535.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a249bcffb2d8e92a3bdff919def43b14841803ad93b80ffa864db1090e007594

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.cdntwrk.com/css/hubs/hubs.700fcd931175db64c535.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 14:54:53 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jan 2022 17:29:33 GMT
server: AmazonS3
age: 581951
etag: "9e7227669aa01cd19bcc27e802668929"
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 60511
x-amz-cf-id: bhakWkhOWV3oS9YZs3W6GZirTYseuetViD18PlZ-GZfZ2__dX6Dvzw==

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 subset-LotaGrotesqueAlt1-Light.woff2
cihost.uberflip.com/onfido/master/build/fonts/ 13 KB
14 KB 8ms
7ms Font
font/woff2 2600:9000:2156:3000:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/onfido/master/build/fonts/subset-LotaGrotesqueAlt1-Light.woff2
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/onfido/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0cdf997216eb128a710370b81dfcb79756b4351a86b11821746029d40bce055

Request headers

Referer: https://cihost.uberflip.com/onfido/master/build/style.css
Origin: https://onfido.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:33:41 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age: 24
x-cache: Hit from cloudfront
content-length: 13692
last-modified: Fri, 11 Oct 2019 13:09:47 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1570734034/ctime:1570734034/gid:20/gname:staff/md5:0627286aa08b55b3e666ed789518e2de/mode:33188/mtime:1570734034/uid:502/uname:modip
etag: "0627286aa08b55b3e666ed789518e2de"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: V6hdlJJQvOt5iscf61UUZw3Eg8vKO5XD2VFx5G4FwQUNSbuB08uOTQ==

GET
H2 200 subset-LotaGrotesqueAlt1-Bold.woff2
cihost.uberflip.com/onfido/master/build/fonts/ 14 KB
14 KB 11ms
11ms Font
font/woff2 2600:9000:2156:3000:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/onfido/master/build/fonts/subset-LotaGrotesqueAlt1-Bold.woff2
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/onfido/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 206c9747a8212abf75872f8a59477d4d539f1cc15f25d998e22adc627eb038a9

Request headers

Referer: https://cihost.uberflip.com/onfido/master/build/style.css
Origin: https://onfido.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 19:36:31 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
age: 46654
x-cache: Hit from cloudfront
content-length: 13884
last-modified: Fri, 11 Oct 2019 13:09:47 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1570734034/ctime:1570734034/gid:20/gname:staff/md5:de04c05a9a40ee6d3906b454f2582efc/mode:33188/mtime:1570734034/uid:502/uname:modip
etag: "de04c05a9a40ee6d3906b454f2582efc"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: t6ZsCcVXTxEhLKNu-pS4B8Vm47E1Qtp82FPg44dWFXOmCGn065vGJg==

GET
H2 200 uparrow.png
content.cdntwrk.com/img/hubs/ 194 B
576 B 8ms
8ms Image
image/png 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/uparrow.png
Requested by: Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/css/hubs/hubs.700fcd931175db64c535.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1fb7ee27fdfb34869f89aa51d9af1cf86ecc6800ab591ec3ca78f155742200b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.cdntwrk.com/css/hubs/hubs.700fcd931175db64c535.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 00:26:22 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jan 2022 17:29:33 GMT
server: AmazonS3
age: 547663
etag: "e5bbd7205c8f2ff1cd6c9f777f31da64"
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 194
x-amz-cf-id: zvSNjbx9GXm7md0-UXrP49Vz0IPAYLZ-4BvoQeOsBf6xJWKtj1lqyA==

GET
H2 200 aHViPTcyNTY4JmNtZD1iYWNrZ3JvdW5kX2ltYWdlJnZlcnNpb249MTY0MzI4NTAyMCZzaWc9ZjVhY2QzMjYwY2RjY2Q3NWE4ZWM5ZTc1YTg5YTk1ODE%253D
content.cdntwrk.com/files/ 461 KB
463 KB 9ms
9ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aHViPTcyNTY4JmNtZD1iYWNrZ3JvdW5kX2ltYWdlJnZlcnNpb249MTY0MzI4NTAyMCZzaWc9ZjVhY2QzMjYwY2RjY2Q3NWE4ZWM5ZTc1YTg5YTk1ODE%253D
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 247bc4fdcce0157f58540e9eb73c40d0565fce4cd00da3eb11d63371f9709426

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:05:39 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Wed, 18 Mar 2020 17:58:39 GMT
age: 2147305
etag: "1584554319-dae3dd279f4d7411942b7634f1c95442"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
content-disposition: inline; filename="background_image.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 472494
x-amz-cf-id: _zt0AI1v8pYTpmq_F74mN-kNjuKNu8XxJGpCe5V543CW-ttKzyUcNA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 139ms
51ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3551
date: Mon, 21 Feb 2022 07:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 21 Feb 2022 09:34:53 GMT

GET
H2 200 stats_temp_item_670419435x2bd99788b80db14377fba9e41977f73af6cb5d3f94b5d9756503fa4211a5f5a61645432443aa21bc7ec3780793a6940d209c47edfe7cbeb3dada41d0c4a496f20af70b08e5
onfido.com/resources/hubsFront/signalMetricsTemp/ 0
631 B 424ms
424ms Image
text/html 2600:9000:2156:4e00:1e:f324:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onfido.com/resources/hubsFront/signalMetricsTemp/stats_temp_item_670419435x2bd99788b80db14377fba9e41977f73af6cb5d3f94b5d9756503fa4211a5f5a61645432443aa21bc7ec3780793a6940d209c47edfe7cbeb3dada41d0c4a496f20af70b08e5?t=1645432444679

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:1e:f324:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/resources/financial-services/identity-fraud-report-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cloudfront-viewer-country: DE
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains
content-language: en-US
content-security-policy: frame-ancestors 'self' https://*.onfido.com/
content-type: text/html; charset=UTF-8
x-amz-cf-id: nXdOTv6iJn9-JQLiAVD78rBBr2i97eOIhPGKWUUlOUs7EDwgkMlPuA==

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 27 KB
12 KB 152ms
29ms Script
application/javascript 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?211
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e0eb74c400dded823098e4cdb9f71e9b360a3f33cad9b346879205851e70f887

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 08:34:04 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=86400
transfer-encoding: chunked
Connection: keep-alive

GET
H2 200 2109161.js Show response
js.hs-analytics.net/analytics/1645432500000/ 62 KB
20 KB 169ms
148ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1645432500000/2109161.js
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b759c848bbb650a61839a5d620b18dd14c049d9965c17be7db095f5c0dc771

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:04 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: FDM199SFNYWGWB43
x-amz-server-side-encryption: AES256
cf-ray: 6e0ea22b789d90a8-FRA
x-amz-id-2: kWP8HF7gf4AhBzdjGETXSFNLSRPJg3wEhIbPSc6pBG4exSnGOErjUZItEylMAhDIa+RD24uXxxI=
last-modified: Mon, 16 Aug 2021 15:08:35 GMT
server: cloudflare
etag: W/"f0070acb4677c8a9e0cca0ba18661b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Mon, 21 Feb 2022 08:39:04 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 439ms
101ms Script
application/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
content-encoding: gzip
X-Pardot-Route: 8f46b7608980401223b1d0300f1fdf0e
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
last-modified: Thu, 17 Feb 2022 05:17:47 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=63072000
accept-ranges: bytes
content-length: 1950
expires: Wed, 21 Feb 2024 08:34:05 GMT

GET
H/1.1 200
OK 349909956 Show response
player.vimeo.com/video/ Frame F444 16 KB
15 KB 259ms
232ms Document
text/html 151.101.0.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/349909956?color=3640f5&title=0&byline=0&portrait=0

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

535334ee458ae0c41eb1a7449c3dd0c4300af82ca78bf20864d9267ecde61a56

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/

Response headers

Connection: keep-alive
Content-Length: 11563
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Mon, 21 Feb 2022 08:38:36 GMT
Via: 1.1 varnish, 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-b-5
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Mon, 21 Feb 2022 08:34:04 GMT
Age: 0
X-Served-By: cache-hhn4020-HHN
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1645432445.725869,VS0,VE226
Vary: Accept-Encoding
X-Player-Backend: p

GET
H2 200 sprite.png
onfido.com/img/footer/flags/ 6 KB
7 KB 11ms
11ms Image
image/png 2600:9000:2156:4e00:1e:f324:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onfido.com/img/footer/flags/sprite.png

Requested by

Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/onfido/master/build/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:1e:f324:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

724a81ca42d4f26cf7addd0f3dec06605c4df32ee34279cf11baf059f23d7ed8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cihost.uberflip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.onfido.com/
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5941751
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
content-length: 6528
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 17 Sep 2020 11:12:50 GMT
server: AmazonS3
date: Tue, 14 Dec 2021 14:04:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=315360000, no-transform, public
etag: "1d80ec450600a028ace88043ba220dd6"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: b31OHL0pPej5AFE3kd_IA60ZY7c-N6HmGDib0AUtbqwpo2GQfP0QqA==

GET
H2 200 embed_shepherd-v1.js Show response
fast.wistia.com/assets/external/ 285 KB
65 KB 7ms
7ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/embed_shepherd-v1.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/static/integrations-hubspot-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

22acd3040da68824d236495891e0c5dbe2319fe9c14f557fcb61ad30a261d800

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:04 GMT
content-encoding: br
vary: Accept-Encoding
age: 1302
x-cache: HIT, HIT
content-length: 66682
x-served-by: cache-iad-kcgs7200143-IAD, cache-hhn4042-HHN
access-control-allow-origin: *
x-browser-version: 98
last-modified: Mon, 14 Feb 2022 19:30:13 GMT
x-timer: S1645432445.736923,VS0,VE0
etag: "620aadc5-1047a"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 9

GET
H2 200 aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVjOGE3MzhkMDkwMGUucG5nJnZlcnNpb249MDAwMCZzaWc9Y2I2MDRmMGVkMWQzYmJiZGNlNTMyZTUwYjVhMjhiZTY%253D
content.cdntwrk.com/files/ 145 KB
145 KB 8ms
8ms Image
image/png 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aHViPTcyNTY4JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVjOGE3MzhkMDkwMGUucG5nJnZlcnNpb249MDAwMCZzaWc9Y2I2MDRmMGVkMWQzYmJiZGNlNTMyZTUwYjVhMjhiZTY%253D
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: a3b60d3b407ab45a068bfcb522165bf2449cc7207d31c8946c9af5dfd7072186

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:31:42 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Sat, 01 Jun 2019 01:50:56 GMT
age: 13712542
etag: "1559353856-29e7b641bbdc6f7239739646f090148e"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=15552000
content-disposition: inline; filename="itemeditorimage_5c8a738d0900e.png"
x-amz-cf-pop: FRA50-C1
content-length: 148198
x-amz-cf-id: sDxMhT6RULwzSWz_qN9dO5IqF0bZ-BsVo49Fk0uDqhXPckcrNzFAZw==

GET
H2 200 script.js Show response
cihost.uberflip.com/plugins/block-emails/ 59 KB
15 KB 11ms
11ms Script
application/javascript 2600:9000:2156:3000:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/plugins/block-emails/script.js?_=1645432444607
Requested by: Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.700fcd931175db64c535.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9af061417e21c2cdb31784a47ef5c6e26ae1485df1d2d2f8e7ffda50af2f6f9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 20:25:19 GMT
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 20:26:54 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1570735686/ctime:1570734109/gid:20/gname:staff/md5:79d04a39c7f776d458185e90ff1c49c3/mode:33188/mtime:1570734109/uid:502/uname:modip
age: 43726
etag: W/"79d04a39c7f776d458185e90ff1c49c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vpjswiZU2hdBYnjoiKIxwt1QBfUFHSgVcVk_hR4u14pmSPH_obaMgA==

GET
H2

200

1436436-identity-fraud-report-2022 Show response
onfido.com/resources/i/ Frame 4B38
Redirect Chain

https://onfido.com/resources/i/1436436?source=hub&expanded=false&hubItemID=670419435&m4
https://onfido.com/resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=

22 KB
23 KB

421ms
421ms

Document
text/html

2600:9000:2156:4e00:1e:f324:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://onfido.com/resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:1e:f324:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5d60be60d86df4c302b6eb202e0e499d66de9fdc13a85a89757ea98f35511cbb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Response headers

content-type: text/html; charset=UTF-8
server: CloudFront
date: Mon, 21 Feb 2022 08:34:05 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' https://*.onfido.com/
strict-transport-security: max-age=31536000; includeSubDomains
cloudfront-viewer-country: DE
x-cache: Miss from cloudfront
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KIsK6PjfPWSj-mCNCG5Ml1W3zlkcKASjvD_P_MkB8TBHfXSa-yBmgQ==

Redirect headers

content-type: text/html; charset=UTF-8
content-length: 0
server: CloudFront
date: Mon, 21 Feb 2022 08:34:05 GMT
location: /resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' https://*.onfido.com/
strict-transport-security: max-age=31536000; includeSubDomains
cloudfront-viewer-country: DE
x-cache: Miss from cloudfront
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: X4bm5xmEE6REGfVkm0Ok3cyPdys27XgFYKPX8jh3AiDkVbZwlrgRVw==

POST
H2 200 ajax_updateMAPUsers Show response
onfido.com/resources/hubsFront/ 126 B
689 B 418ms
418ms XHR
application/json 2600:9000:2156:4e00:1e:f324:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://onfido.com/resources/hubsFront/ajax_updateMAPUsers

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.700fcd931175db64c535.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:1e:f324:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b98e0f76f97857fce1b3fbd8e9ed5775988e85fffd71dcc2422f8d012378ea34

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://onfido.com/resources/financial-services/identity-fraud-report-2022
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cloudfront-viewer-country: DE
content-length: 126
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains
content-language: en-US
content-security-policy: frame-ancestors 'self' https://*.onfido.com/
content-type: application/json
x-amz-cf-id: Wi6hczilXaYVefFhVeWC_V5cnClfD_lehyokvzPOUCxmjbiHY4-d3g==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 46 KB
15 KB 63ms
9ms Script
text/javascript 2600:9000:2156:8e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNP3H4H
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d62a3b924d49cc3909d8c7e7d66c6fda8780c357fae0f927993f424928401b20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Amz-Version-Id: mLgRV7jYHDvB6wDphJKX5Q2F5vg5l49f
Content-Encoding: gzip
Etag: W/"b8caabe626e64605e61edd5174246bf4"
Age: 3047
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Last-Modified: Mon, 07 Feb 2022 16:47:41 GMT
Server: AmazonS3
Date: Mon, 21 Feb 2022 07:43:25 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: OURk_fGKAyYPUYlNEO58SyvGHL9hdjS_tRkjZJFrHk6ErdU_NYRBPg==

GET
H2 200 ei.js Show response
web-analytics.engagio.com/js/ 32 KB
32 KB 317ms
102ms Script
application/javascript 18.211.115.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://web-analytics.engagio.com/js/ei.js
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.115.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-115-8.compute-1.amazonaws.com
Software: /
Resource Hash: 026bfadfe891941fb64aea6f347ad96a05531fa8b6894a169ed10942f19b0e26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
cache-control: max-age=0
last-modified: Tue, 11 May 2021 18:04:18 GMT
content-length: 32702
vary: Origin
content-type: application/javascript; charset=utf-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 46ms
46ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=908881182&t=pageview&_s=1&dl=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&dp=%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&ul=en-us&de=UTF-8&dt=Identity%20Fraud%20Report%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1805632857&gjid=1145902643&cid=1199451135.1645432445&tid=UA-40119219-1&_gid=2122282775.1645432445&_r=1&_slc=1&z=1886993268

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://onfido.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 08:34:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onfido.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 29ms
29ms Script
application/javascript 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=52079&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&pv=1645432444859_jufvbid94&bl=en-us&cb=4077983&return=&ht=&d=&dc=&si=1645432444859_jufvbid94&cid=production%7C%7C72568%7C%7C1162876%7C%7C670419435&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?211
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 08:34:04 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 471ms
167ms Script
application/javascript 34.200.182.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=2112022
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?211
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.182.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-182-42.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 08:34:04 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Tue, 22 Feb 2022 08:34:05 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/C76YWNYYC5B5ZIQSOH75HC/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

15ms
9ms

Script
application/javascript

2600:9000:2156:8e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: HTTP/1.1
Server: 2600:9000:2156:8e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Amz-Version-Id: VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 46827
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 18 Oct 2021 21:07:54 GMT
Server: AmazonS3
Date: Sun, 20 Feb 2022 19:33:45 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: RzhuRuYr1pHBVTluuPUul4Hla4sKkO0v_Rgu8_kJo33K9gt5Z-ZAmg==

Redirect headers

Date: Sun, 20 Feb 2022 12:22:00 GMT
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Age: 72723
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: HrCyD-uB_2HHqqPGf75krYmfH9C0OhWjU_6MTeKrGHNU0AdarZd6kg==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/C76YWNYYC5B5ZIQSOH75HC/YLBPTSVDJ5DJNC644KA5XS/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
733 B

9ms
8ms

Script
application/javascript

2600:9000:2156:8e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: HTTP/1.1
Server: 2600:9000:2156:8e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 46325
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Sun, 20 Feb 2022 19:42:00 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: RKOp4l8_1aQ3vylZxtGpiDpDzwWHBxq2jS33GDpE57ZSsNZXpl1fAw==

Redirect headers

Date: Sun, 20 Feb 2022 17:57:45 GMT
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Age: 52578
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: vUOsPoGfwKXml1YJ0MiAtFL7wpUK--Ns5M04ZTdpkYdakImjvd68KA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/C76YWNYYC5B5ZIQSOH75HC/YLBPTSVDJ5DJNC644KA5XS/ 0
786 B 24ms
8ms Script
text/javascript 2600:9000:2156:8e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/C76YWNYYC5B5ZIQSOH75HC/YLBPTSVDJ5DJNC644KA5XS/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Amz-Version-Id: u0ElARg2ykEWDm.DtzIZY9K2Pk9orpzZ
Via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 1431
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Thu, 10 Feb 2022 23:05:50 GMT
Server: AmazonS3
Date: Mon, 21 Feb 2022 08:10:14 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: iYY4xdimEfyuKO214v4UTVET_S8TD9jjzRWof2SfxFsHtaQBwKlX8Q==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-40119219-1&cid=1199451135.1645432445&jid=1805632857&gjid=1145902643&_gid=2122282775.1645432445&_u=IEBAAEAAAAAAAC~&z=984036906

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://onfido.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 Feb 2022 08:34:04 GMT
content-type: text/plain
access-control-allow-origin: https://onfido.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 137ms
50ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40119219-1&cid=1199451135.1645432445&jid=1805632857&_u=IEBAAEAAAAAAAC~&z=2096751363

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 08:34:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 139ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40119219-1&cid=1199451135.1645432445&jid=1805632857&_u=IEBAAEAAAAAAAC~&z=2096751363

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 08:34:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 801011632-61837af25dcf2db94c0265240599a96fc0878c6ce196debaf96ec374ec6dbf31-d.jpg
i.vimeocdn.com/video/ Frame F444 1 KB
2 KB 30ms
7ms Image
image/jpeg 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/801011632-61837af25dcf2db94c0265240599a96fc0878c6ce196debaf96ec374ec6dbf31-d.jpg?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/349909956?color=3640f5&title=0&byline=0&portrait=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf81e5d46d5e581cde58ca6c25946fda7862886e0cc6eecdb46d104330796b8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:04 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 670001
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1251
viewmaster-server: viewmaster-us-central1-bdgt
x-served-by: cache-dfw18671-DFW, cache-hhn4074-HHN
x-timer: S1645432445.992633,VS0,VE1
etag: fd8a6eea09c01ac7d669c8985a12344b
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 player.de-DE.js Show response
f.vimeocdn.com/p/3.49.13/js/ Frame F444 712 KB
166 KB 31ms
8ms Script
application/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.49.13/js/player.de-DE.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/349909956?color=3640f5&title=0&byline=0&portrait=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 144bb75f6f2ed25472c4064fa33c11a309f9ff347256a54a0a9334ae35d4db67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 303577
x-served-by: cache-iad-kjyo7100170-IAD, cache-fra19145-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: MISS, HIT
content-type: application/javascript
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1645432445.994212,VS0,VE0
content-length: 169431
x-cache-hits: 0, 14276

GET
H2 200 player.css
f.vimeocdn.com/p/3.49.13/css/ Frame F444 202 KB
20 KB 30ms
8ms Stylesheet
text/css 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.49.13/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/349909956?color=3640f5&title=0&byline=0&portrait=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9de001ea8caa3e3227f99eb526c3c610037c6ed05b4525ad7fe05ff7f73ece1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 303581
x-served-by: cache-iad-kcgs7200140-IAD, cache-fra19145-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: MISS, HIT
content-type: text/css
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1645432445.994199,VS0,VE0
content-length: 20007
x-cache-hits: 0, 113054

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame F444 3 KB
1 KB 30ms
7ms Script
application/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/349909956?color=3640f5&title=0&byline=0&portrait=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 230082
x-timer: S1645432445.994215,VS0,VE0
x-served-by: cache-iad-kcgs7200063-IAD, cache-fra19145-FRA
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 1250
x-cache-hits: 1, 64074

GET
H2 200 C76YWNYYC5B5ZIQSOH75HC Show response
d.adroll.com/consent/check/ 395 B
864 B 106ms
32ms Script
application/javascript 54.228.17.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/C76YWNYYC5B5ZIQSOH75HC?arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&_s=16f7d7b2104186b8f3a9344a4f0512dc&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.17.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-17-128.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: b79d3b9d257fd33a8177597b28647669c7465ed4bfbaa99acfdb325f3b8e66de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 08:34:05 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 395
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame F444 0
798 B 151ms
133ms Ping
text/plain 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=ef2f69b22a5c5d6fabea02cd25e6e10365f42c7d1645432444

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Served-By: cache-iad-kiad7000139-IAD, cache-hhn4071-HHN
X-Vimeo-DC: ge
Server: nginx
X-Timer: S1645432445.026284,VS0,VE122
X-Frame-Options: sameorigin
Date: Mon, 21 Feb 2022 08:34:05 GMT
Vary: User-Agent
Expires: Sun, 20 Feb 2022 20:34:05 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server: pweb-v20410-9p6x2
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
X-Cache-Hits: 0, 0

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame F444 0
110 B 137ms
106ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.49.13/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 21 Feb 2022 08:34:05 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 801011632-61837af25dcf2db94c0265240599a96fc0878c6ce196debaf96ec374ec6dbf31-d
i.vimeocdn.com/video/ Frame F444 39 KB
39 KB 7ms
7ms Image
image/avif 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/801011632-61837af25dcf2db94c0265240599a96fc0878c6ce196debaf96ec374ec6dbf31-d
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/349909956?color=3640f5&title=0&byline=0&portrait=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8d3dc1f1fa4abe29e7aceeabda4fd52970842740acd9b5867be82b4cc4cc8e9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1466979
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
access-control-max-age: 86400
x-backend-server: varnish
content-length: 39797
viewmaster-server: viewmaster-us-central1-qbz7
x-served-by: cache-dfw18628-DFW, cache-hhn4074-HHN
x-timer: S1645432445.083700,VS0,VE1
etag: 9d6018f1b9213cbcd2424b697acc1205
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame F444 0
40 B 131ms
107ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=ef2f69b22a5c5d6fabea02cd25e6e10365f42c7d1645432444
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.49.13/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 21 Feb 2022 08:34:05 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

XOYPTSRDXJBN3MTI3WL2VH.js Show response
s.adroll.com/pixel/C76YWNYYC5B5ZIQSOH75HC/YLBPTSVDJ5DJNC644KA5XS/
Redirect Chain

https://d.adroll.com/pixel/C76YWNYYC5B5ZIQSOH75HC/YLBPTSVDJ5DJNC644KA5XS?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2...
https://s.adroll.com/pixel/C76YWNYYC5B5ZIQSOH75HC/YLBPTSVDJ5DJNC644KA5XS/XOYPTSRDXJBN3MTI3WL2VH.js

4 KB
2 KB

9ms
8ms

Script
text/javascript

2600:9000:2156:8e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/C76YWNYYC5B5ZIQSOH75HC/YLBPTSVDJ5DJNC644KA5XS/XOYPTSRDXJBN3MTI3WL2VH.js
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: HTTP/1.1
Server: 2600:9000:2156:8e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87018af89a65aa82eae54a1542e259b27e698e94620c1645f7049de82eba4684

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Amz-Version-Id: IpkJ2fx2xb760UFr35mVkPLo6Y6IYIOw
Content-Encoding: gzip
Etag: W/"583b5642944126eb83329d6b9f15cb2b"
Age: 1428
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Last-Modified: Wed, 02 Feb 2022 19:35:57 GMT
Server: AmazonS3
Date: Mon, 21 Feb 2022 08:10:18 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: iGufNFYXtylLmof-VfjeBXJKorosp0Vu66lY4hEJugSUmt3-Uv2LGg==

Redirect headers

date: Mon, 21 Feb 2022 08:34:05 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: p
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.20.0
x-rule: *
x-segment-eid: XOYPTSRDXJBN3MTI3WL2VH
location: https://s.adroll.com/pixel/C76YWNYYC5B5ZIQSOH75HC/YLBPTSVDJ5DJNC644KA5XS/XOYPTSRDXJBN3MTI3WL2VH.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: YLBPTSVDJ5DJNC644KA5XS
x-segment-name: *
x-advertisable-eid: C76YWNYYC5B5ZIQSOH75HC
x-conversion-currency

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 618ms
617ms Script
text/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=4584&account_id=886253&title=Identity%20Fraud%20Report%202022&url=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-6-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

77f1809048d0eadc67e140b035e47b90e600ec44809e3ecbca00630c197501af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 08:34:05 GMT
content-encoding: gzip
X-Pardot-Route: 403edde838d926b2f64a33ea88db7473
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 534
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d.adroll.com
URL: https://d.adroll.com/pixel/C76YWNYYC5B5ZIQSOH75HC/YLBPTSVDJ5DJNC644KA5XS?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&pv=78563675861.23196&cookie=&adroll_s_ref=&keyw=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: vnBAmvhvCRbHYZ27yOyiznB8mAfmtIrZPn01Gj212K7rSvoLtAur1G0EWp2e2wD9AC1qNsZzVX9l2mDvXzOOpw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 21 Feb 2022 08:34:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 11 KB
3 KB 9ms
8ms Script
text/javascript 2600:9000:2156:8e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/C76YWNYYC5B5ZIQSOH75HC/YLBPTSVDJ5DJNC644KA5XS?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&pv=78563675861.23196&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Amz-Version-Id: sBWSZHkFa7pjM3czAoACEH9Nk3RE73jm
Content-Encoding: gzip
Etag: W/"c317a5be7d65fa0c4d68d9735af020e4"
Age: 755
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Last-Modified: Fri, 11 Feb 2022 15:05:57 GMT
Server: AmazonS3
Date: Mon, 21 Feb 2022 08:21:30 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: HlO9WOn0LOiTM1a8YVfUkoC8wDFtLlVK6VYZ0ZsGrayhTaSNq-i6xg==

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisabl...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&expiration=1676968445
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&expiration=1676968445&C=1

43 B
1 KB

16ms
16ms

Image
image/gif

184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&expiration=1676968445&C=1
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: HTTP/1.1
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 08:34:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 21 Feb 2022 08:34:05 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 08:34:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&expiration=1676968445&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Mon, 21 Feb 2022 08:34:05 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C7...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&expires=365

0
239 B

56ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&expires=365
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&expires=365
pragma: no-cache
date: Mon, 21 Feb 2022 08:34:05 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/onevideo/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertis...
https://pixel.advertising.com/ups/55980/sync?uid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
124 B

10ms
8ms

Image
text/plain

3.127.158.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Server

3.127.158.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-158-112.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55980/sync?uid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
date: Mon, 21 Feb 2022 08:34:05 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertis...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I

0
477 B

380ms
90ms

Image
text/plain

70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 08:34:05 GMT
Cache-Control: no-cache
X-TraceId: 95ae821923526119bf2b3eb8aa7eaf34
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I
pragma: no-cache
date: Mon, 21 Feb 2022 08:34:05 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 100
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertis...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
589 B

64ms
16ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug024:0:485
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Mon, 21 Feb 2022 08:34:05 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C7...
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
194 B

73ms
21ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Mon, 21 Feb 2022 08:34:05 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisa...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I

0
90 B

47ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13576

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I
pragma: no-cache
date: Mon, 21 Feb 2022 08:34:05 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advert...
https://eb2.3lift.com/xuid?mid=4714&xuid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
355 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date: Mon, 21 Feb 2022 08:34:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C7...
https://x.bidswitch.net/sync?dsp_id=44&user_id=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I

43 B
510 B

114ms
114ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 08:34:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I
Date: Mon, 21 Feb 2022 08:34:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C7...
https://ib.adnxs.com/setuid?entity=172&code=NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I

43 B
1 KB

20ms
20ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 08:34:05 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f2fc8176-e5e7-41e0-b0a3-1e89f310734c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Feb 2022 08:34:05 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c0707306-4f90-4e14-912f-04c4d4f0e9f9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 57ms
56ms Image
image/gif 54.228.17.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C76YWNYYC5B5ZIQSOH75HC
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.17.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-17-128.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.20.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C7...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=4f781afa24232b9be5e8aca2136d2e7b

43 B
274 B

56ms
20ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=4f781afa24232b9be5e8aca2136d2e7b
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 08:34:05 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=4f781afa24232b9be5e8aca2136d2e7b
pragma: no-cache
date: Mon, 21 Feb 2022 08:34:05 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 87
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093&arrfrr=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&advertisable=C7...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=T3ga-iQjK5vl6KyiE20uew
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=T3ga-iQjK5vl6KyiE20uew&google_tc=
https://d.adroll.com/cm/g/in

42 B
537 B

29ms
29ms

Image
image/gif

54.228.17.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Server: 54.228.17.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-17-128.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 08:34:05 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Mon, 21 Feb 2022 08:34:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1210544118959138 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1210544118959138?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e34e1eee30f1ef3c3510b3844a83535a2d52b59e11912ce963a51dd30c14143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89120
x-xss-protection: 0
pragma: public
x-fb-debug: IVATkM4GSc27MCVGxBRD+8/pxjB0nQS/xsOoDzacoe+udZwLBuCmqDqLF+TF+NPuuBRt933TSyEKg4co3VuevA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 21 Feb 2022 08:34:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ei_track_all_packed.js Show response
dn1f1hmdujj40.cloudfront.net/js/ 8 KB
8 KB 40ms
13ms Script
application/javascript 2600:9000:2156:b000:c:90ee:6000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dn1f1hmdujj40.cloudfront.net/js/ei_track_all_packed.js
Requested by: Host: web-analytics.engagio.com
URL: https://web-analytics.engagio.com/js/ei.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b000:c:90ee:6000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a497fabf53b9e53cb1a9820b2b6743edbf0b8da1e0c9be996af81373687fc38a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 18:04:18 GMT
age: 3
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
content-length: 8234
x-amz-cf-id: 5bPKLCijr832gTVxYpENqO7S0bvgicjQQOHtKSlPgLtEnEp6lbzs4w==

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 26ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1210544118959138&ev=PageView&dl=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&rl=&if=false&ts=1645432445229&cd[segment_eid]=XOYPTSRDXJBN3MTI3WL2VH&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=29&fbp=fb.1.1645432445227.1771488550&it=1645432445176&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 21 Feb 2022 08:34:05 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 461 B
948 B 134ms
49ms XHR
application/json 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?auth=VvDO7GOvucIjfU5gG7HGTER6NEK3YuPnQUULy6Ml&page_title=Identity%20Fraud%20Report%202022&page=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&referrer=&src=tag
Requested by: Host: dn1f1hmdujj40.cloudfront.net
URL: https://dn1f1hmdujj40.cloudfront.net/js/ei_track_all_packed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 06294245f12818c2d04b2a9f1e1d9d5cadd44667f565cdc6f51c83aaf4dfef28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
request-id: 6426db8a-c71a-4598-b48a-4fb42a43d821
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://onfido.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WbnVLG2itd_xJo3mhrBohuWZhbJOgblU5491i9T_sHR9vjexG4O91g==
expires: Sun, 20 Feb 2022 08:34:05 GMT

GET
H2 200 flipbook_style_libs.700fcd931175db64c535.css
content.cdntwrk.com/css/flipbook/ Frame 4B38 34 KB
6 KB 9ms
8ms Stylesheet
text/css 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/css/flipbook/flipbook_style_libs.700fcd931175db64c535.css
Requested by: Host: onfido.com
URL: https://onfido.com/resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a84620da4e848759ad0cf8242d69d1c9a0f9065571a46cecd0aa7e3bac2bce2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:06:59 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 17:29:28 GMT
server: AmazonS3
age: 66427
etag: W/"c8b40a2e3b553bb7a98ddbdbe9ddd34c"
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BElEu_FnWQLqekOSSy2Z2aP0GamAy-LWxSY58O_19C13YXShWVdoiw==
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)

GET
H2 200 flipbook.700fcd931175db64c535.css
content.cdntwrk.com/css/flipbook/ Frame 4B38 128 KB
22 KB 10ms
9ms Stylesheet
text/css 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/css/flipbook/flipbook.700fcd931175db64c535.css
Requested by: Host: onfido.com
URL: https://onfido.com/resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 488dc56ff6f3062249e180b15cf21da863659975636cc06b52fea538daae71ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 18:43:46 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 17:29:28 GMT
server: AmazonS3
age: 136220
etag: W/"57c257a8f425196d13c34dc9345a40b3"
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mmVEe20Wo2Rd985cr3BoyjhMyvHCiKMN4rB6SW3JM9FDCiZu5vKkJw==
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)

GET
H2 200 modernizr.js Show response
content.cdntwrk.com/js/flipbook/ Frame 4B38 49 KB
16 KB 10ms
9ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/js/flipbook/modernizr.js?v=c6aa3f37872d
Requested by: Host: onfido.com
URL: https://onfido.com/resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9ed55e76e18c41069e635a88c37648b50b8cb39fb5862fa2d129661931b6705

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 13:40:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 17:29:35 GMT
server: AmazonS3
age: 586429
etag: W/"47d605babcee6410e0b392220f89143a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lZbVz0BTeydgWaJj6e_VFzVGxyPewM0QyPRModp9rRkoytknqT51Ig==
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)

GET
H2 200 -w-144.jpg
content.cdntwrk.com/files/aT0xNDM2NDM2JnA9MCZ2ZXJzaW9uPTImY21kPXYmc2lnPWY5MjAyZDdkODliNzY2OTc3YTJkNWQ3Y2IzM2Q4OWJh/ Frame 4B38 5 KB
5 KB 11ms
11ms Image
image/jpeg 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aT0xNDM2NDM2JnA9MCZ2ZXJzaW9uPTImY21kPXYmc2lnPWY5MjAyZDdkODliNzY2OTc3YTJkNWQ3Y2IzM2Q4OWJh/-w-144.jpg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: b8dce169ac1edb703eac2d7d9e7cb95ab9d1ab7167bd161315cc29d4a95d6aba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 13:18:57 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 13:18:57 GMT
age: 1192508
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
content-disposition: inline; filename="s3_custom_size_image_62011c4183e7c.jpg"
x-amz-cf-pop: FRA50-C1
content-length: 5077
x-amz-cf-id: XX8DP8UJgNbMYLzBJ8ZMaOwuDp1etFJFjoZv1KzN11wgTt4EUrysKA==

GET
H2 200 flipbook_libs.700fcd931175db64c535.js Show response
content.cdntwrk.com/js/flipbook/ Frame 4B38 350 KB
103 KB 8ms
8ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/js/flipbook/flipbook_libs.700fcd931175db64c535.js
Requested by: Host: onfido.com
URL: https://onfido.com/resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8e068cd7f5c831857807a7cfc29fda4ddc62ac7c1062340c0ea09f87fcfaabc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 18:43:46 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 17:29:35 GMT
server: AmazonS3
age: 136220
etag: W/"fd3799c5e9c4dfcdc71adc10c38f83f9"
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qufMiDAhL4YyxFeOxkWyxgrd5mcmCoF3u_jRZztirSbM6KZgz4224Q==
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)

GET
H2 200 flipbook_app.700fcd931175db64c535.js Show response
content.cdntwrk.com/js/flipbook/ Frame 4B38 783 KB
139 KB 10ms
9ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/js/flipbook/flipbook_app.700fcd931175db64c535.js
Requested by: Host: onfido.com
URL: https://onfido.com/resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e796113f6ae3ff634cfae495790e8e83cb77353a2e94d879e268b1a5dee707a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:36:41 GMT
content-encoding: gzip
last-modified: Tue, 15 Feb 2022 15:49:32 GMT
server: AmazonS3
age: 122245
etag: W/"d49067fd07426165e392fca23e933044"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PIAQx2HUt3ikeuERih3PepW7hJAHqK8BnYj5hZerhUxMnfQNEOeAuw==
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4B38 49 KB
20 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3552
date: Mon, 21 Feb 2022 07:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 21 Feb 2022 09:34:53 GMT

GET
H2 200 1436436 Show response
onfido.com/resources/read/flipbook3_title_settings/261138/ Frame 4B38 2 KB
1 KB 401ms
400ms XHR
text/xml 2600:9000:2156:4e00:1e:f324:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://onfido.com/resources/read/flipbook3_title_settings/261138/1436436?_=1645432445612

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/flipbook/flipbook_libs.700fcd931175db64c535.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:1e:f324:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

509be96f6f3990adcda925703d47582ec72a8fd57cf6535e3feca6ee9b86020b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://onfido.com/resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cloudfront-viewer-country: DE
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 21 Feb 2022 08:20:30 GMT
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/xml;charset=UTF-8
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'self' https://*.onfido.com/
x-amz-cf-id: gOF5iZTYv6-A8D1eTFuYlPhq_xryY4KplJOJsPi_bHz3ikuuWZs77w==

GET
H2 200 MTQzNjQzNiZzaWc9MGM4MGVlMzE1ODI3OTZmYmNiMzA1Zjc5YTY4OWFmMzI%253D Show response
onfido.com/resources/read/flipbook_getXML3/1436436/ Frame 4B38 25 KB
6 KB 428ms
427ms XHR
text/xml 2600:9000:2156:4e00:1e:f324:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://onfido.com/resources/read/flipbook_getXML3/1436436/MTQzNjQzNiZzaWc9MGM4MGVlMzE1ODI3OTZmYmNiMzA1Zjc5YTY4OWFmMzI%253D?1639071961&_=1645432445613

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/flipbook/flipbook_libs.700fcd931175db64c535.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:1e:f324:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

25432f5fbab05a7a6b0586daf23d0bc90bcaaf48a251de376e108e20c8807666

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://onfido.com/resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cloudfront-viewer-country: DE
content-length: 5236
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: CloudFront
etag: "41dc3430d04650223413031315a34ae2"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/xml;charset=UTF-8
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'self' https://*.onfido.com/
x-amz-cf-id: tLBPStdnyuuyJoD7SlnYE7SgSfXH7wiS2l7RT1WTOyWayJ1L3EawmQ==

GET
H2 200 / Show response
onfido.com/resources/read/ajax_issueWidgets/1436436/desktop/ Frame 4B38 2 B
552 B 417ms
417ms XHR
text/html 2600:9000:2156:4e00:1e:f324:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://onfido.com/resources/read/ajax_issueWidgets/1436436/desktop/?_=1645432445614

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/flipbook/flipbook_libs.700fcd931175db64c535.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:1e:f324:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://onfido.com/resources/i/1436436-identity-fraud-report-2022?source=hub&expanded=false&hubItemID=670419435&m4=
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:06 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
referrer-policy: origin-when-cross-origin
server: CloudFront
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
x-xss-protection: 1; mode=block
cloudfront-viewer-country: DE
content-security-policy: frame-ancestors 'self' https://*.onfido.com/
content-type: text/html; charset=UTF-8
content-length: 2
x-content-type-options: nosniff
x-amz-cf-id: BbaQiFafPwxdoRjsgu3zrXW3_h3NoTq0QYLr7OeCofhm0Z-H6SL2kg==

GET
H/1.1 200
OK analytics Show response
go.onfido.com/ 50 B
1 KB 530ms
217ms Script
text/javascript 52.202.69.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.onfido.com/analytics?conly=true&visitor_id=108668450&visitor_id_sign=8ba358e27208d5d5e9a10ed7bde5688ebc53168ddf8cc0363dad279296a95c1a21da9265c36d994d781ab5ed876126caaf710435&pi_opt_in=&campaign_id=4584&account_id=886253&title=Identity%20Fraud%20Report%202022&url=https://onfido.com/resources/financial-services/identity-fraud-report-2022&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=4584&account_id=886253&title=Identity%20Fraud%20Report%202022&url=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-1-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 08:34:06 GMT
X-Pardot-Route: 403edde838d926b2f64a33ea88db7473
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
x-pardot-rsp: 0/0/1
vary: User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 50
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 -w-821.svg
content.cdntwrk.com/files/aT0xNDM2NDM2JnA9MCZ2ZXJzaW9uPTImY21kPXYmc2lnPWY5MjAyZDdkODliNzY2OTc3YTJkNWQ3Y2IzM2Q4OWJh/ Frame 4B38 84 KB
46 KB 11ms
10ms Image
image/svg+xml 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aT0xNDM2NDM2JnA9MCZ2ZXJzaW9uPTImY21kPXYmc2lnPWY5MjAyZDdkODliNzY2OTc3YTJkNWQ3Y2IzM2Q4OWJh/-w-821.svg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: bd4f9e48ee24702347f570708db691ce51b538b90341b83d41a375b5adb5fa12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:33:41 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 17:45:33 GMT
age: 24
etag: W/"1639071933-11ff924248ed172563a1c6db9f84be31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=15552000
content-disposition: inline; filename="0000.svg"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: U1PqxONtjD70Zy8YXgSsk7njQeojuL5NA02GQDCp9cdppen86Nakvg==

GET
H2 200 -w-821.svg
content.cdntwrk.com/files/aT0xNDM2NDM2JnA9MSZ2ZXJzaW9uPTImY21kPXYmc2lnPTdkYjhlZDRlMjk1Y2U5YjRkYjZkNzNkNzNkMzJmZTQx/ Frame 4B38 38 KB
14 KB 12ms
11ms Image
image/svg+xml 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aT0xNDM2NDM2JnA9MSZ2ZXJzaW9uPTImY21kPXYmc2lnPTdkYjhlZDRlMjk1Y2U5YjRkYjZkNzNkNzNkMzJmZTQx/-w-821.svg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 37388b5605d37fdf90eb72c3aad69eb3a3a955d8c884d56711cd2c28899fc24c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:33:41 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 17:45:33 GMT
age: 24
etag: W/"1639071933-d7ec7ace43a4711b6c2bbc66e8485685"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=15552000
content-disposition: inline; filename="0001.svg"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: G_Dy_qBiUhVqHf75rB9e9hLDMoN4Hpl1u8nDMJcXFfj-bA-EO3WLUw==

GET
H2 200 -w-821.svg
content.cdntwrk.com/files/aT0xNDM2NDM2JnA9MiZ2ZXJzaW9uPTImY21kPXYmc2lnPTllZWQwYjdjMzEwMWYyYmU0MDE4M2NhNTY5YWUxMWIw/ Frame 4B38 127 KB
46 KB 11ms
10ms Image
image/svg+xml 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aT0xNDM2NDM2JnA9MiZ2ZXJzaW9uPTImY21kPXYmc2lnPTllZWQwYjdjMzEwMWYyYmU0MDE4M2NhNTY5YWUxMWIw/-w-821.svg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 36af2c07b27ff2b5e89ab060146d464b1e08f01f8ccc870bfece1d3637a6da94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:33:42 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 17:45:33 GMT
age: 24
etag: W/"1639071933-12b68551476973ef8255927c48b5bac3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=15552000
content-disposition: inline; filename="0002.svg"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: hKwlR8oLa6Z9gzSlaef4i9EVnA99FiV4q4CC51EgaTbNO5wnlrT-bQ==

GET
H2 200 -w-821.svg
content.cdntwrk.com/files/aT0xNDM2NDM2JnA9MyZ2ZXJzaW9uPTImY21kPXYmc2lnPWUzYjYzODI0MzZlMTY1MGJlNjk2ZGU4Yzk2Y2Q5ZWY4/ Frame 4B38 75 KB
37 KB 12ms
12ms Image
image/svg+xml 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aT0xNDM2NDM2JnA9MyZ2ZXJzaW9uPTImY21kPXYmc2lnPWUzYjYzODI0MzZlMTY1MGJlNjk2ZGU4Yzk2Y2Q5ZWY4/-w-821.svg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: aad14f6d4402e5d6294cb0fe42cc894cd25fa5431145586efa7338b6029dc83d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:33:42 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 17:45:33 GMT
age: 24
etag: W/"1639071933-46e2e60953ee1675855c792ed14eb9ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=15552000
content-disposition: inline; filename="0003.svg"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Em6rtGIStBOgkVA8JErLfs6voaAwKy-7LYxdbTvxr6bU3S1rCHIz2g==

GET
H2 200 -w-821.svg
content.cdntwrk.com/files/aT0xNDM2NDM2JnA9NCZ2ZXJzaW9uPTImY21kPXYmc2lnPTA3MTI3NjZkNTBhOGM3N2EyZDE0ZmY2MGViNTlmYTgx/ Frame 4B38 129 KB
75 KB 14ms
14ms Image
image/svg+xml 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aT0xNDM2NDM2JnA9NCZ2ZXJzaW9uPTImY21kPXYmc2lnPTA3MTI3NjZkNTBhOGM3N2EyZDE0ZmY2MGViNTlmYTgx/-w-821.svg
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 49965a3ed549f6628fa50e324e1d7aee50785ed4d8299f5fda2b4e1bb64ab9e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:33:42 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 17:45:33 GMT
age: 24
etag: W/"1639071933-3b68d9a065bfefc3161101cbc1204e26"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=15552000
content-disposition: inline; filename="0004.svg"
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Fns31aRQ0I_rcUbojDaKaEssj4X-7dBCKLC-jEhniCaB251T9hohQg==

GET
H2 200 favicon.png
content.cdntwrk.com/files/dD0yNjExMzgmY21kPWZhdmljb24mdmVyc2lvbj0xNTk0MzEyOTc1JmV4dD1wbmcmc2l6ZT0yNCZzaWc9OTYyYTliZGU4Zjg1Mzc4ODA4YzA3MWEzYTRkYjA5NzA%253D/ Frame 4B38 590 B
930 B 9ms
8ms Image
image/png 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/dD0yNjExMzgmY21kPWZhdmljb24mdmVyc2lvbj0xNTk0MzEyOTc1JmV4dD1wbmcmc2l6ZT0yNCZzaWc9OTYyYTliZGU4Zjg1Mzc4ODA4YzA3MWEzYTRkYjA5NzA%253D/favicon.png
Requested by: Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: /
Resource Hash: 0ea44ecee24e59f455ab256d0c801a180fa2a78b9a1837654400a632ec76d1ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 13:18:58 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 13:18:58 GMT
age: 1192508
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
content-disposition: inline; filename="s3_favicon_62011c4256dd7.png"
x-amz-cf-pop: FRA50-C1
content-length: 590
x-amz-cf-id: I7GIsmugwT10vSoj8FDMVWjDHHBs5YaY6bfsMHwNbGyRQW-NV0dCDg==

GET
H2 204 45744686
onfido.com/resources/read/flipbook4stats_open/1436436/ Frame 4B38 0
668 B 345ms
344ms Image
text/plain 2600:9000:2156:4e00:1e:f324:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onfido.com/resources/read/flipbook4stats_open/1436436/45744686?t=1645432446164

Requested by

Host: onfido.com
URL: https://onfido.com/resources/financial-services/identity-fraud-report-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:1e:f324:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/resources/i/1436436-identity-fraud-report-2022/0?source=hub&expanded=false&hubItemID=670419435&m4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.onfido.com/
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
referrer-policy: origin-when-cross-origin
server: CloudFront
x-amz-cf-pop: FRA50-C1
date: Mon, 21 Feb 2022 08:34:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
x-xss-protection: 1; mode=block
cloudfront-viewer-country: DE
x-amz-cf-id: Bubg6Lp2phOc5QD-J_jZ4hhFRsXPs8cLa1Cu4Q-iOUEujCNMxwUvVA==
x-content-type-options: nosniff

GET
H2 200 ajax_ping Show response
onfido.com/resources/hubsFront/ 49 B
612 B 405ms
405ms XHR
application/json 2600:9000:2156:4e00:1e:f324:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://onfido.com/resources/hubsFront/ajax_ping

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.700fcd931175db64c535.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:1e:f324:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://onfido.com/resources/financial-services/identity-fraud-report-2022
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:06 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cloudfront-viewer-country: DE
content-length: 49
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains
content-language: en-US
content-security-policy: frame-ancestors 'self' https://*.onfido.com/
content-type: application/json
x-amz-cf-id: jE_tY5qDDYgabWB37OfHA9eECsGgO4GHMv8jc7M15NWk9Z8k0jSnLg==

GET
H2 200 core Show response
js.driftt.com/ Frame 2801 2 KB
1 KB 114ms
113ms Document
text/html 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1645432500000/c6atf3fkxbzf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c7ce9129d72ef25d747bb326a8c890c9c0bd660cfff4acb7ce7882466eafd9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Tue, 15 Feb 2022 17:02:15 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: YgXu6fP05x6x0lIk4qfWH69bfIprEZaM
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 21 Feb 2022 08:34:06 GMT
cache-control: no-cache
etag: W/"9ad51941690debd31237e07886c4a820"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uD5AIVPq2BdsItWOLLs2RDrN4HBCyihr1lXcVrXY5L6XsmIutEEAaQ==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 12DC 2 KB
1 KB 118ms
118ms Document
text/html 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1645432500000/c6atf3fkxbzf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c7ce9129d72ef25d747bb326a8c890c9c0bd660cfff4acb7ce7882466eafd9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Tue, 15 Feb 2022 17:02:15 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: YgXu6fP05x6x0lIk4qfWH69bfIprEZaM
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 21 Feb 2022 08:34:06 GMT
cache-control: no-cache
etag: W/"9ad51941690debd31237e07886c4a820"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jIFqyR5Rwui7rXiIGZZ4FxrcN4nUWZHAEPMwnRnEjqXsjFOjMLmyBA==

GET
H2 200 2109161.js Show response
js-na1.hs-scripts.com/ 964 B
863 B 165ms
136ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-na1.hs-scripts.com/2109161.js
Requested by: Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1645432500000/2109161.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b1546bb877ca3b152519379ea048c790e087c74bada7171b466f69451999afe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Feb 2022 08:34:06 GMT
server: cloudflare
x-hubspot-correlation-id: 5e6645a9-ea44-4ad7-95de-57c5265c85b0
x-trace: 2B595F057C5ACC27415BA9D44402AEC1F7EE42760C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://onfido.com
access-control-max-age: 3600
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 6e0ea23598af8fd1-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
955 B 224ms
206ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1163162232&v=1.1&a=2109161&rcu=https%3A%2F%2Fonfido.com%2Fresources%2Freports-whitepapers-landscape%2Fidentity-fraud-report-2022&pu=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&t=Identity+Fraud+Report+2022&cts=1645432446300&vi=ccbe9eaacac1d10ed5ee3b0c4d68374c&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:06 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b124a933-71f7-4fa0-bb34-2c7b24e4412e
cf-ray: 6e0ea235881d902a-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcdeCS6GrNdX98y77eSdNK2c1EQt4MgBj202aH1ZXpFFoViGTvU4zMuvuBcmQSpOz9PHW22kt4mkES7n36B5XlpszCcK3mjBfsZcKa1rbsgHrnoeJhcRKiDLJbsjCYrZmhZEuEq157CmR7mZRtMt"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 311ms
99ms XHR
text/plain 52.3.66.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/static/integrations-hubspot-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.66.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-66-26.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://onfido.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 21 Feb 2022 08:34:06 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 runtime~main.97f2beae.js Show response
js.driftt.com/core/assets/js/ Frame 2801 6 KB
3 KB 8ms
7ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

85e7661a2ff868a598b2bf29ce05049c4e8fb2ee5568225336ab0905eda3c1c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:02:15 GMT
content-encoding: gzip
age: 487911
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 16:32:51 GMT
server: nginx
etag: W/"e98d07fcdf7d8417fe82a7abe72d5a81"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 268DsMAV4jIZyDLIp96l6zy67R3wv6qm
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IUh7q9Wfn2POmrlTybqVwhldb25apj5RsGG2IynKSZkx-089x0Tpfg==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 58 KB
20 KB 9ms
8ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:18 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rlqnQvHWjB4kDZlydkAKa7LRajgzy9Gl
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TgmeW0Kvt3nxhW36h4inCNDZVCm_vYo3gpXooQGOpELNdgrfg3wcOA==

GET
H2 200 main~493df0b3.91d188cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 6 KB
3 KB 9ms
9ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.91d188cd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:19 GMT
server: nginx
etag: W/"364091b90499473799e7470f551ae597"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1JY.0LVfNng8iNIWI44BrilEq.Gn8MTC
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kHf9DozcRtJuHawu7I3a-Dpq4O91fhsmUEWZrjksIEBFdNxCZnnB3A==

GET
H2 200 runtime~main.97f2beae.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 6 KB
3 KB 9ms
9ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

85e7661a2ff868a598b2bf29ce05049c4e8fb2ee5568225336ab0905eda3c1c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:02:15 GMT
content-encoding: gzip
age: 487911
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 16:32:51 GMT
server: nginx
etag: W/"e98d07fcdf7d8417fe82a7abe72d5a81"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 268DsMAV4jIZyDLIp96l6zy67R3wv6qm
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BSoqFgMi78Gru617wrBNwl9dTU34G8LZBiIAwwHoOT8aDjhmJqaBTw==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 58 KB
20 KB 10ms
9ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:18 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rlqnQvHWjB4kDZlydkAKa7LRajgzy9Gl
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NbMktbkmGXSFpJet4Ltqq1HPyx3Tbs-pZwWOhQhVLt6DZR_DqT-VxQ==

GET
H2 200 main~493df0b3.91d188cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 6 KB
3 KB 10ms
10ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.91d188cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:19 GMT
server: nginx
etag: W/"364091b90499473799e7470f551ae597"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1JY.0LVfNng8iNIWI44BrilEq.Gn8MTC
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: L29jYDrRAT-F54EZGJHjfzU9K1jCUQbEnDxX-RjOjyLXWfIxIBQksQ==

GET
H2 200 43.bf52ab96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 47 KB
14 KB 10ms
7ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4ab965f0d26a973cf1be72a39d537999"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SIJLtOk7PXIgJIf54NBJQngGjZ1AQW3g
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: I1xOkOCa4QfP4VZ-DRxXwgCFO4I7l_mXPw26I-8X1WJXe9q4p1QgjA==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 44 KB
13 KB 12ms
8ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lNxvpWQFKnV9Ts3LsOd_RHrMEUqaUhpiUJZRJaVQHJbtBC-7ug9RLg==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 25 KB
8 KB 13ms
9ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h9yzLQxBcOk-txY4xSkZ9aQUqAAjkbMqwdAN8c07q6r9EZueEPBygg==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 16 KB
5 KB 13ms
10ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4120824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W5mdoj0FOmKX9Sut3wyTZp6H9EKibjKbtOyeJj73s1NPaSNhfIz45A==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 72 KB
22 KB 14ms
10ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:43 GMT
content-encoding: gzip
age: 4120823
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l7xIxxPzD9qoZ6jOrnXlPZVGR6QGviOwA1aFW6x4qxymDurw8D3B7A==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 16 KB
6 KB 16ms
12ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: L4j2RKB9oIfXH-e5RmGuCJMytSxmvwv_WNFbT0Zl-mCaJrc5QQqJXw==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 59 KB
19 KB 16ms
13ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 4778463
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: c0EyGnAM5bjYNk4o1_TZMlSbHz3zR71GT4YdVNdmynPw-2slemHw5A==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 91 KB
28 KB 17ms
13ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zo_MISGexnochkDa7sUmUmebMUlgdDl17fGMiEaaoapuRBvjn9AKQQ==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 24 KB
7 KB 18ms
15ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4120824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1OI8MdaO_2Zet9LQGrgpik7z8k_2AhIl
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vZriURYEY2OoiiaWxRD65D4FQ0cslGg7Rx_gUsEobsdG6xP7YtNqfA==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 62 KB
20 KB 18ms
16ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kh7m0sTX1G7CPHb_KhrOYdB6uFZK2YxJoe0_0krh4idhN9E0bV92NA==

GET
H2 200 41.ef07ba02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 105 KB
34 KB 20ms
18ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"da03c1012cb0aaeb2041fa677a272d14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5SZlIK4tNqbuRiffC6KWCsRiXRDYwGm0sgOM8CUvPGT-EvrIw9f7lw==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 12 KB
4 KB 22ms
20ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wDOiuCZSfZ.KHqNETPwI3S2a9GU0lEIR
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JT5F82TSSrVaMZ4mIoJo1sKbiUfntE4Z_oqfjdJRr5Qan9LnylbJKw==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 12 KB
5 KB 23ms
21ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8RVFMrtS_raaiQlyS_wpwsL4VWMDcRd0sq238fqe2agan2w1ROxhgQ==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 17 KB
7 KB 23ms
21ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NEy82Hho4IZkoPjKvuxK6P8OBQcrB4E49vBpm9N_djD7mguXF8R_aw==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 2801 11 KB
3 KB 22ms
20ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iRMvQzOkppRl5nqRw8vAdy0mAeAmTFxUlFwfrRWqcDXVrdVkHOHhRw==

GET
H2 200 8.c30eb26a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 69 KB
22 KB 23ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.c30eb26a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6068d230ddc2a94a269034dab608f9966fec8531b5e00c006634c8d725b3765c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 15:29:03 GMT
content-encoding: gzip
age: 1011903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 09 Feb 2022 15:13:08 GMT
server: nginx
etag: W/"a75f570fd77fc567c56e5c7fdad25d77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: taRffhX16zK2eZuMfxLJC70jbfGAjmFM
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JqwTCDelzIkpSGap2yfdJa0PHluWxe_JNULe351N12scqls9VqCh_Q==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 2801 24 B
666 B 22ms
21ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 71PAWx9sIRaKdrYjp4Mvc6WqmaEzhbQyn3tqTKOWtP03pVrCZt2FWQ==

GET
H2 200 15.1d8f5012.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 75 KB
19 KB 23ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.1d8f5012.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

93ca03195ed4c9536d694584455be6d5d71776e00fe33926ae596bfe4f35a76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:02 GMT
content-encoding: gzip
age: 1446664
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"a10801df313ae6aee5353f1d56ee158d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KAn62QiCijDwsq5BJEU9_1eTMFOTCVrB
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1oA9cwnGMf-GQGL7niTxjyDg-1GtQ4AiFR0XGNuahxkN0GEudNaOaQ==

GET
H2 200 22.947209a2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 47 KB
13 KB 24ms
23ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.947209a2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a3940c0c7051093e974422b42f2a563671ed810418862f44e8314f5255367e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:02 GMT
content-encoding: gzip
age: 1446664
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"d06d1a64be2b2e5ab91bedd7c4c17717"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: k7zUF0pgH6bmYsPK._H98sqTvr7U2rBt
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rq2_Hd278t_KrHKmkgdBU_yCIoIMeNSE9p3KETnBQmj8LSN-DO5nSQ==

GET
H2 200 13.014e96bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 41 KB
13 KB 24ms
24ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.014e96bd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5663a7a55772ac03276f27f2cf05b093c71c6b79c1bf8b7e071b3621b8126f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:02:15 GMT
content-encoding: gzip
age: 487911
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 16:32:48 GMT
server: nginx
etag: W/"0ee44fe830a2d282378c97205f753960"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eTrq2_ygCQ8X0KEyQ2jeWW6y8G2tanE7
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nQ5_3Pk-_-PpsiW_l0nXWPED8xgvxGoMLWFEvZexDBRffLi8ZVNuAQ==

GET
H2 200 43.bf52ab96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 47 KB
14 KB 22ms
21ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4ab965f0d26a973cf1be72a39d537999"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SIJLtOk7PXIgJIf54NBJQngGjZ1AQW3g
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jJKh-S-zIO5tQEN-lPW2WTMptfYA4y3OrZTnc_Ihs6ITxcSuEnVwrw==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 44 KB
13 KB 22ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Bpb9egc8t-PMWPsLIp2Ib3gqPKCdXDk-Aa5I5KyEctmMZQXNb8Rsbg==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 25 KB
8 KB 23ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DyjzPEpWTW1N35rgvdlx6uK8Lgs-NLPQQOtqRrfXd5-ZC7aRurkweQ==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 16 KB
5 KB 23ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4120824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Y1suNfRZo81YzKNFrpWyJ2LDTDMl_zzkhjF4t8HMVzU8Y3hft_a0tQ==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 72 KB
22 KB 23ms
23ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:43 GMT
content-encoding: gzip
age: 4120823
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: exjT81Cl5Csj6iuG9MWOUqbhMWhjelAakf6t9LtrPZEqkRfRZTufKg==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 16 KB
6 KB 24ms
23ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mp4aqqRbrfvbiZxdxwUhMWGk1NYmGu3oSvTmVQz-kSnSxI5nou3o-w==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 59 KB
19 KB 24ms
24ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 4778463
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G1QoKWt4e4GlZ7MjRAOTyRa6KbC_NqbV43cs5skLSuHQufUIxC7SaQ==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 91 KB
28 KB 24ms
24ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xo1R1yImjgp9q6m_kYJ3EjaHbzYY3sisIKXBwjqep1FgFco5w5IuBQ==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 24 KB
7 KB 26ms
25ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4120824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1OI8MdaO_2Zet9LQGrgpik7z8k_2AhIl
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: awnLkU-02e2KLh-07RDS7hsZjxNec430PRKyM4vTq6ist7UkNZv2-A==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 62 KB
20 KB 26ms
23ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zrGTs4tEOVga9nExe1pCbuFXcjXMfaijv1m1MG6xTYUVYuheKUttVg==

GET
H2 200 41.ef07ba02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 105 KB
34 KB 26ms
20ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"da03c1012cb0aaeb2041fa677a272d14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7HiZHb9HF0Gbic-v-HptE7ytdaw_r_1Rq_PNwq3B3G5ALM05xtzhVQ==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 12 KB
4 KB 27ms
19ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wDOiuCZSfZ.KHqNETPwI3S2a9GU0lEIR
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5YuCRybjJxqxcZ4d-NdTSo7WZgPYe4KJXFZoXXsAEBWtF1Rrs23NeQ==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 12 KB
5 KB 27ms
16ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EYWyS58j1bZQilmVCXzMLrcxE846kanCvntxebnagiqj21FAQBo39g==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 17 KB
7 KB 27ms
16ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: B8abMc29r_sNHs50bcVZQur3V2liKqcLIi9OsIJSQzubJ22qDcd59w==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 12DC 11 KB
3 KB 26ms
15ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 72CufcMPWzhDiccBt8JoMnKtBMzQBE0XUMeVz-CJK8H-9QDkYTzrUA==

GET
H2 200 8.c30eb26a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 69 KB
22 KB 26ms
15ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.c30eb26a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6068d230ddc2a94a269034dab608f9966fec8531b5e00c006634c8d725b3765c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 15:29:03 GMT
content-encoding: gzip
age: 1011903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 09 Feb 2022 15:13:08 GMT
server: nginx
etag: W/"a75f570fd77fc567c56e5c7fdad25d77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: taRffhX16zK2eZuMfxLJC70jbfGAjmFM
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _GKM_o-F5mN_28s5FRCLb5DAwfQU7nji3-qcNpNXJa2Pc6YLcKgifg==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 12DC 24 B
666 B 26ms
15ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
age: 4120825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sL7M4nSUdQpJPNH712xjWhIXuK9qm1jD2BtzCrtT64Txe_0C33an3w==

GET
H2 200 15.1d8f5012.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 75 KB
19 KB 27ms
17ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.1d8f5012.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

93ca03195ed4c9536d694584455be6d5d71776e00fe33926ae596bfe4f35a76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:02 GMT
content-encoding: gzip
age: 1446664
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"a10801df313ae6aee5353f1d56ee158d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KAn62QiCijDwsq5BJEU9_1eTMFOTCVrB
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7Lsu9JuGoFfYzDugbdE8SpgnIkz7iyw3CahD79zNbz9vwnr-HvvM4w==

GET
H2 200 22.947209a2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 47 KB
13 KB 24ms
16ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.947209a2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a3940c0c7051093e974422b42f2a563671ed810418862f44e8314f5255367e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:02 GMT
content-encoding: gzip
age: 1446664
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"d06d1a64be2b2e5ab91bedd7c4c17717"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: k7zUF0pgH6bmYsPK._H98sqTvr7U2rBt
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gmziONKFIlJoK-MnqS1I5FlsAdT96Qjl6CNVW_9ExuBqNZttKw-pTQ==

GET
H2 200 13.014e96bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 41 KB
13 KB 24ms
17ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.014e96bd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5663a7a55772ac03276f27f2cf05b093c71c6b79c1bf8b7e071b3621b8126f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:02:15 GMT
content-encoding: gzip
age: 487911
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 16:32:48 GMT
server: nginx
etag: W/"0ee44fe830a2d282378c97205f753960"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eTrq2_ygCQ8X0KEyQ2jeWW6y8G2tanE7
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Wau5doCihScR6GHEnW0f_pBoMN6WGUg821dkAnX1o9ZFAnDBVBoV2Q==

GET
H2 200 2109161.js Show response
js.hs-banner.com/ 61 KB
16 KB 65ms
25ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2109161.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/2109161.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be871f07ca187dfce81d437958c15bfafccbe3f4b1ad4bede3e4bde1b479207

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 24
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: D5Q8842N3P6F13KK
x-amz-id-2: /AiNZOJIaf7ztQlcTwyV3tWaw4ZmBZowaajQROlMBmyp78Y+Gp0syLCPy+0/yast8QVD7je0xBM=
timing-allow-origin: *
last-modified: Thu, 17 Feb 2022 20:44:51 GMT
server: cloudflare
etag: W/"687695ceb4701c45ea7085b40f887dac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: fo7ibcUEwGDpdR2leD8hhspP.J9dhqlt
access-control-allow-origin: https://onfido.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6e0ea236ba6891e1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 21 Feb 2022 08:38:42 GMT

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 9 KB
3 KB 8ms
7ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4120824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oJ3eeDyVIvEVTB5r-4nzNK-gCXaAcfcDtljvWdAXcOwkMPO-idZGnw==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 33 KB
10 KB 9ms
8ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4120824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LcjepTSdTIP3TYamt9S6TQ4IzFvRquuU
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eyTyh7DgHZ25PxS7jB9HoJM88yNBWgB2y-Xqn76Oo3mo1sCbeMnpuQ==

GET
H2 200 25.49c6961c.chunk.css
js.driftt.com/core/assets/css/ Frame 2801 8 KB
2 KB 9ms
8ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.49c6961c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4120824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"f80cd64e339375567091159cb077b941"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bxrqjBCKX9ERzz7WjftbPaYdOBk8_KxN
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ht3WCmv3feEgRxUepDGELv6RmiwIMM-Qo19p9fPeGdf8CTV2q7xNmA==

GET
H2 200 25.3edea197.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 12 KB
5 KB 9ms
9ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.3edea197.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

03076b42c04600d8390ca4fdee25bfd27159ae17542a7ce4835d8e95eb3e09c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:02:15 GMT
content-encoding: gzip
age: 487911
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 16:32:49 GMT
server: nginx
etag: W/"7fe2c144230edd6f0d5239a188bf14bf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Qv8p.vMJI0metIekINRXO5m0qweEk1vH
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Srf2OFnH7BMjm1b-IBL1Z9awh9xBV_9Bf81myh2LUwNklQW2LL6ZHA==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 2801 365 B
1008 B 9ms
8ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
age: 4120824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eDSgTpssczGDn2812OLuvvF.eUpzKWka
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RPa0kQN3Bq_C32YNtxlXEVqjvaaQ9ZplUnQCLd78NGmK2dQVwxHT6w==

GET
H2 200 19.e9c3090f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 2801 85 KB
24 KB 10ms
9ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.e9c3090f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f9a2d2e87a5a58ba21496321a93d073c18ec25e9c38d6d1daeaa9e10a9022535

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=c6atf3fkxbzf&region=US&forceShow=false&skipCampaigns=false&sessionId=2d80e20d-c617-4509-abaa-d6de51ae913d&sessionStarted=1645432446.288&campaignRefreshToken=d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d&hideController=false&pageLoadStartTime=1645432444446&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:50:10 GMT
content-encoding: gzip
age: 495836
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 14:20:21 GMT
server: nginx
etag: W/"989589162483f0966d3379f01e8b73a9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .mKx0nKUkw8nZFQtU_cnlKbOBINGtcas
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2R1vDM02QE2AOjlQOu24OMJ8zuBH__0GxIKgFQra9V1NOVTFLya1hA==

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 12DC 3 KB
1 KB 7ms
7ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4120824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u5jls1rsjTMRW03RSXYJxMQTbD86EmFF
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hcrUFdaiGQaSRS38zYVVpe0f2ZHx0uzyFvWaeh__jAFAEGn6o02SCg==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 3 KB
2 KB 8ms
8ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:05:36 GMT
content-encoding: gzip
age: 2723310
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 18:53:54 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9pIhc0wyy2uFZp3UiIdf1ZYNnPQh9D45
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ksLSg4TUkAEd1MoJ_8-6P_6AkLw8H_Bm1MSeYh68Wq0kniHsjoDXzQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 9 KB
3 KB 8ms
7ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4120824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6UzaGPGc-pyvNylmutyscejc1RpFqxbHz6o6ovV_x3udikZXQQ7vtg==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 12DC 7 KB
2 KB 8ms
8ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4120824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Y5MQMpfNZ9bYDeQmDMLbw0xNzGrQukfM
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o38x2AyozFMxgmuPIB0CvyEwhn1_YwGhUXRv46HAchjb0FypyefEgA==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 54 KB
16 KB 9ms
8ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4120824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dNyr.b_J6AuxSb56NRWJ3LKsWJ9BzeOS
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Lgf0JkDUpGni2T4_sPHyU8oVrdV4fsf5-eQv3fwtyWI_k2tqdBHrAg==

GET
H2 200 1.e250bb71.chunk.css
js.driftt.com/core/assets/css/ Frame 12DC 44 KB
7 KB 9ms
9ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e250bb71.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f9163f3372bf09f2bcb3c8fa8b218443c557dbb32c78a36ee9221ca5abf8b193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 1441146
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:27 GMT
server: nginx
etag: W/"2b7f0e5ff08649a2d71db9fdde0609ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: U0zOe09_ThzYcAoSvmLbLojXTsJVu6PB
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WVlu-YE0lupErLHKJA4-QjgY5SlpbTECAG57iXS7E52tymNwX2fvow==

GET
H2 200 1.4d73e4b0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 71 KB
24 KB 10ms
9ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.4d73e4b0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7b3d77afaf24867ae18a33f69f474784f560f9ef07177b4f630dc9e526d7668c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:02:15 GMT
content-encoding: gzip
age: 487911
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 16:32:47 GMT
server: nginx
etag: W/"f1e2b02776cbd2a2f3c4fa276534e182"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zi1fk0tPqcchfIOXcBADnHkL0Gs8.eIW
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oteKZrawOiZFqsC25qKYZLC6AUl8I45pwn0jDOd9P7U_H4YzW8QF8g==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame 12DC 12 KB
3 KB 11ms
10ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 1441146
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:27 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: e.sL0vOF62s4pyHwBuhbHf.Miph1ZlJo
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Qev6vgHF2x7AJVF76BrOoAXjRMgdx9smmiElwzu8vwRfg2ZkL5oDFw==

GET
H2 200 30.f8f90b50.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 12DC 12 KB
5 KB 11ms
11ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.f8f90b50.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.97f2beae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7fbdf18ef718f7d92c5c552cf3133223239e5a87b2b17543417c863895fa3ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1645432444446
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 1441146
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:30 GMT
server: nginx
etag: W/"403c83255f6ba5c35738df7176146d93"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9aY_CUpc8aGc6DumJu3tfRzHETVUuYEF
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: reNbgJknyYQyk4n4jMOJdcKkX-4di200Xeq7O5pE7I84BEO_rcoJtA==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 322ms
103ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Feb 2022 08:34:06 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftabea7a24564b18de21bc61d1e6d
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 2801 25 B
122 B 112ms
112ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 21 Feb 2022 08:34:06 GMT
server: istio-envoy
requestid: fcc3a6d6bae129c
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 2801 164 B
262 B 107ms
106ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

eca751bdcf3ae9f787cf9ec74cec856a3d3f721fddfcd6da0ab96b03c8c84100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 21 Feb 2022 08:34:06 GMT
server: istio-envoy
requestid: 4f4c98e305d8b2ff
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 164
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 311ms
104ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Feb 2022 08:34:06 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drifte86748d4958be4aa03000afe30c
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 ajax_ping Show response
onfido.com/resources/hubsFront/ 49 B
614 B 314ms
313ms XHR
application/json 2600:9000:2156:4e00:1e:f324:d0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://onfido.com/resources/hubsFront/ajax_ping

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.700fcd931175db64c535.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4e00:1e:f324:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://onfido.com/resources/financial-services/identity-fraud-report-2022
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:06 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cloudfront-viewer-country: DE
content-length: 49
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains
content-language: en-US
content-security-policy: frame-ancestors 'self' https://*.onfido.com/
content-type: application/json
x-amz-cf-id: DVdA8VxqDf88HBH4MiIrRfexBmhvzyCWSKKOr_uZTEy7SZM0I6vLSQ==

GET
H2 200 c6atf3fkxbzf.json Show response
embeds.driftcdn.com/embeds/ Frame 2801 30 KB
9 KB 32ms
8ms XHR
application/json 143.204.98.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/c6atf3fkxbzf.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-9.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9301c8e1d831fc9f4c706b5be8bf72ab1e7599bb1c1eb52988c19af92b2ec977

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:33:43 GMT
content-encoding: gzip
age: 25
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 11 Feb 2022 06:41:42 GMT
server: AmazonS3
etag: W/"cf8a3a22e2a31ffa7ae1fec8bc155dd7"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uvOzGgI8uLhSmYqm9P7xCKNGesX6H12KrwGwGjw5qqOnwZAo081hDw==

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 461 B
949 B 68ms
51ms Fetch
application/json 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?key=t0TSHWavuqWBRcu3wsuRjBb4dNM1BmrlNHCsVqV2&page=https%3A%2F%2Fonfido.com%2Fresources%2Ffinancial-services%2Fidentity-fraud-report-2022&page_title=Identity%20Fraud%20Report%202022&referrer=
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/include/1645432500000/c6atf3fkxbzf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 06294245f12818c2d04b2a9f1e1d9d5cadd44667f565cdc6f51c83aaf4dfef28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onfido.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 08:34:07 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
request-id: f02ac697-c049-4854-b43b-8e7213d87d7c
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://onfido.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1zyHUItvsWg5QUY6oq9L_dnpvGKpdO5sb-cLFRuHx7Fgj4dqeTkySA==
expires: Sun, 20 Feb 2022 08:34:07 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 2801 25 B
89 B 114ms
114ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 21 Feb 2022 08:34:08 GMT
server: istio-envoy
requestid: f42e9550732959ed
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 102ms
102ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 21 Feb 2022 08:34:08 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift4fe04074df9a05b59f1d0ff2704
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: onfido.com
URL: https://onfido.com/resources/i/1436436?source=hub&expanded=false&hubItemID=670419435&m4

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onfido.com/	1970-01-20 09:49:28	Name: _ufav Value: d248d42f5c6e4bb98ee950ce9d35ae84
.onfido.com/	1970-01-20 01:03:56	Name: _ufas Value: 8ac669df4d6a48cfb8a668aecd4edc65
.onfido.com/	1970-01-20 03:13:28	Name: _gcl_au Value: 1.1.78401690.1645432445
.onfido.com/	1970-01-20 09:49:28	Name: _ga Value: GA1.2.1199451135.1645432445
.onfido.com/	1970-01-20 01:05:18	Name: _gid Value: GA1.2.2122282775.1645432445
.onfido.com/	1970-01-20 01:03:52	Name: _gat Value: 1
.vimeo.com/	1970-01-20 18:35:04	Name: vuid Value: pl1147476019.285942357
.onfido.com/	1970-01-20 09:49:50	Name: __adroll_fpc Value: 72c4af270e4f9fdf44f6742c9d6ae1e3-1645432445093
onfido.com/	1970-01-20 01:03:54	Name: ufentry Value: 20220221.040405
.onfido.com/	1970-01-20 09:49:28	Name: __ar_v4 Value: %7CC76YWNYYC5B5ZIQSOH75HC%3A20220223%3A1%7CYLBPTSVDJ5DJNC644KA5XS%3A20220223%3A1%7CXOYPTSRDXJBN3MTI3WL2VH%3A20220223%3A1
.advertising.com/	1970-01-20 09:50:54	Name: APID Value: UP077f0079-92f1-11ec-ac7d-02e6f1b73c32
.casalemedia.com/	1970-01-20 09:49:28	Name: CMID Value: YhNOfc7Ce3q3Rih8Xg2qnAAA
.casalemedia.com/	1970-01-20 03:13:28	Name: CMPS Value: 3267
.onfido.com/	1970-01-20 03:13:28	Name: _fbp Value: fb.1.1645432445227.1771488550
.adnxs.com/	1970-01-20 03:13:28	Name: uuid2 Value: 944508937606477138
.3lift.com/	1970-01-20 03:13:28	Name: tluid Value: 1638251214948895589394
.pubmatic.com/	1970-01-20 03:13:28	Name: KRTBCOOKIE_10 Value: 22808-NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I&KRTB&22883-NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I
.pubmatic.com/	1970-01-20 01:47:04	Name: PugT Value: 1645432445
.pubmatic.com/	1970-01-20 03:13:28	Name: PUBMDCID Value: 3
.casalemedia.com/	1970-01-20 03:13:28	Name: CMPRO Value: 1214
.casalemedia.com/	1970-01-20 01:05:18	Name: CMST Value: YhNOfWITTn0A
.casalemedia.com/	1970-01-20 09:49:28	Name: CMRUM3 Value: 6962134e7d2760NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I
.adnxs.com/	1970-01-20 03:13:28	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2IlhpL)E#!]tbPl@/@8$-^=$Uf[R8Yu:`rBAQWuGWi^bF=iH@ZjO`_[-w]w:Vo5=GWgx-^BPSFA/wt<Zsm4QF1)tX3If)y3KL9D3I?.Do?]ks
.doubleclick.net/	1970-01-20 10:25:28	Name: IDE Value: AHWqTUlmp-PAFkwKjEJMRys59cDNzG4UY7NopA9H55TPAU27vMuXcBzCvDLG0S5A9kc
d.adroll.com/	1970-01-20 10:32:40	Name: __adroll Value: 4f781afa24232b9be5e8aca2136d2e7b-g_1645432445-a_1645432445
.adroll.com/	1970-01-20 10:32:40	Name: __adroll_shared Value: 4f781afa24232b9be5e8aca2136d2e7b-g_1645432445-a_1645432445
.bidswitch.net/	1970-01-20 09:49:28	Name: tuuid Value: 8bdbbf7b-2cca-4705-8677-5b6334fcc876
.bidswitch.net/	1970-01-20 09:49:28	Name: c Value: 1645432445
.bidswitch.net/	1970-01-20 09:49:28	Name: tuuid_lu Value: 1645432445
.outbrain.com/	1970-01-20 03:13:28	Name: obuid Value: 35e61504-4d13-40cc-a131-59c39cb19041
.outbrain.com/	1970-01-20 01:32:40	Name: adrl Value: NGY3ODFhZmEyNDIzMmI5YmU1ZThhY2EyMTM2ZDJlN2I
.pardot.com/	1970-01-23 16:39:52	Name: visitor_id885253 Value: 108668450
.pardot.com/	1970-01-23 16:39:52	Name: visitor_id885253-hash Value: 8ba358e27208d5d5e9a10ed7bde5688ebc53168ddf8cc0363dad279296a95c1a21da9265c36d994d781ab5ed876126caaf710435
pi.pardot.com/	1970-01-20 01:03:54	Name: lpv885253 Value: aHR0cHM6Ly9vbmZpZG8uY29tL3Jlc291cmNlcy9maW5hbmNpYWwtc2VydmljZXMvaWRlbnRpdHktZnJhdWQtcmVwb3J0LTIwMjI%3D
onfido.com/	1970-01-23 16:39:52	Name: visitor_id885253 Value: 108668450
onfido.com/	1970-01-23 16:39:52	Name: visitor_id885253-hash Value: 8ba358e27208d5d5e9a10ed7bde5688ebc53168ddf8cc0363dad279296a95c1a21da9265c36d994d781ab5ed876126caaf710435
go.onfido.com/	1970-01-23 16:39:52	Name: visitor_id885253 Value: 108668450
go.onfido.com/	1970-01-23 16:39:52	Name: visitor_id885253-hash Value: 8ba358e27208d5d5e9a10ed7bde5688ebc53168ddf8cc0363dad279296a95c1a21da9265c36d994d781ab5ed876126caaf710435
onfido.com/	1970-01-20 01:03:54	Name: drift_campaign_refresh Value: d9ff1c2d-52b0-4656-90c2-90dc1c2cd36d
onfido.com/	1970-01-20 09:49:28	Name: pdf_event Value: WyJbe1widXVpZFwiOjE5NTAxNDc4MzR9LDE2NzY5Njg0NDZdIiwiYjY4Mzk0OTM1NTg5MGQyMTZjYmVlZjJlYmU5NmY0YzciXQ%3D%3D
.hubspot.com/	1970-01-20 01:03:54	Name: __cf_bm Value: qrHQJdnBJYZXt_ji5OuYvtz841Ij0Bq1Ed6Ao5z6S1I-1645432446-0-AQ9xzjqmXEx7xA+hIgKA3bw1Y7TikCcxtUn1G+KWNWJyRzJxb+iBVr4c9TTaBriOaBV//K2p4DKD9kroYfzdkO0=
.onfido.com/	1970-01-20 10:25:28	Name: __hstc Value: 128070483.ccbe9eaacac1d10ed5ee3b0c4d68374c.1645432446298.1645432446298.1645432446298.1
.onfido.com/	1970-01-20 10:25:28	Name: hubspotutk Value: ccbe9eaacac1d10ed5ee3b0c4d68374c
.onfido.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.onfido.com/	1970-01-20 01:03:54	Name: __hssc Value: 128070483.1.1645432446298
onfido.com/	1969-12-31 23:59:59	Name: _MGZ_ Value: 6anrihbmeu6epggmcn5nd6b7hj

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://*.onfido.com/
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
api.company-target.com
bootstrap.api.drift.com
cihost.uberflip.com
cm.g.doubleclick.net
connect.facebook.net
content.cdntwrk.com
d.adroll.com
dn1f1hmdujj40.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
embeds.driftcdn.com
f.vimeocdn.com
fast.wistia.com
fonts.googleapis.com
fresnel.vimeocdn.com
go.onfido.com
i.vimeocdn.com
ib.adnxs.com
image2.pubmatic.com
in.ml314.com
js-na1.hs-scripts.com
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
maxcdn.bootstrapcdn.com
metrics.api.drift.com
ml314.com
onfido.com
onfido.mxelm.com
pi.pardot.com
pipedream.wistia.com
pixel.advertising.com
pixel.rubiconproject.com
player.vimeo.com
s.adroll.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
track.hubspot.com
us-u.openx.net
vimeo.com
web-analytics.engagio.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
onfido.com
141.226.228.48
142.250.186.98
143.204.98.47
143.204.98.70
143.204.98.86
143.204.98.9
151.101.0.217
151.101.114.109
151.101.14.109
151.101.64.217
18.211.115.8
18.232.28.189
184.30.24.241
185.64.190.80
2600:9000:2156:3000:12:53a8:95c0:93a1
2600:9000:2156:4e00:1e:f324:d0c0:93a1
2600:9000:2156:8e00:6:9280:1080:93a1
2600:9000:2156:b000:c:90ee:6000:21
2606:4700::6811:47b0
2606:4700::6811:d4cc
2606:4700::6812:14bf
2606:4700::6812:acf
2606:4700::6813:9b53
2a00:1288:80:807::2
2a00:1450:4001:801::2004
2a00:1450:4001:803::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:600::622
3.127.158.112
3.216.226.213
3.94.218.138
34.120.202.204
34.193.113.164
34.200.182.42
34.247.104.176
34.98.64.218
35.211.178.172
37.252.172.36
52.202.69.186
52.3.66.26
54.228.17.128
69.173.144.165
70.42.32.191
76.223.111.18
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
026bfadfe891941fb64aea6f347ad96a05531fa8b6894a169ed10942f19b0e26
03076b42c04600d8390ca4fdee25bfd27159ae17542a7ce4835d8e95eb3e09c0
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
06294245f12818c2d04b2a9f1e1d9d5cadd44667f565cdc6f51c83aaf4dfef28
06b759c848bbb650a61839a5d620b18dd14c049d9965c17be7db095f5c0dc771
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
0be21a970587476842c1e21d15551c1bb68282f7a407be63b4490ea0f10e8b26
0ea44ecee24e59f455ab256d0c801a180fa2a78b9a1837654400a632ec76d1ac
105a6cdb6b72b534878ab2cb9b5baaab555b0dc686de5fa82cffafb86fca7ed8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f
144bb75f6f2ed25472c4064fa33c11a309f9ff347256a54a0a9334ae35d4db67
160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22
18774613cbffdfcdec96bbdbb05046de4509437f3230b830d06bf75b584c4b71
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63
1fb7ee27fdfb34869f89aa51d9af1cf86ecc6800ab591ec3ca78f155742200b2
206c9747a8212abf75872f8a59477d4d539f1cc15f25d998e22adc627eb038a9
20ef65f2151a12a282e7cbfd3ce609d50fd93ff3466c46686ade72a0ffadda5e
22acd3040da68824d236495891e0c5dbe2319fe9c14f557fcb61ad30a261d800
247bc4fdcce0157f58540e9eb73c40d0565fce4cd00da3eb11d63371f9709426
25432f5fbab05a7a6b0586daf23d0bc90bcaaf48a251de376e108e20c8807666
26d1f8df59f501200b5889d69c5e0f20a0e21f72a59526d2b298a2b41aecfa1f
274bffaf20eac6ef6204cbc3e49469c665f87bb6eba917fa9ed249473e6d0059
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2b1546bb877ca3b152519379ea048c790e087c74bada7171b466f69451999afe
2c13b048cd9aaf28aa07d167ea49c9f98042f7b6a9fa7cfd67be2dc6e24d6a22
36af2c07b27ff2b5e89ab060146d464b1e08f01f8ccc870bfece1d3637a6da94
37388b5605d37fdf90eb72c3aad69eb3a3a955d8c884d56711cd2c28899fc24c
38694e3e3b50c2482665c7604294afa087e345458afe6c8ad593dd6f739ff094
3a7d935b2f0c9a1c902a372fdf426122c83553dc29e9f82b9a2109bcf79476b0
3de255b94369329acaefdd84512223aca857aca6d24de12b3114147a935fbab7
3e8b96628b637ddddfa3dfcc957a74f90ca98b4021786fae8d0a70130cbb86c5
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
404b6bf7739d7d903274c4f4dd8b6adc408f42ad8f7d77db39a649360d1624c6
488dc56ff6f3062249e180b15cf21da863659975636cc06b52fea538daae71ab
49965a3ed549f6628fa50e324e1d7aee50785ed4d8299f5fda2b4e1bb64ab9e3
49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
509be96f6f3990adcda925703d47582ec72a8fd57cf6535e3feca6ee9b86020b
521b506ae8f575095087415bcc720ceb0478eb18ab41240aa3c6bf4537369b36
535334ee458ae0c41eb1a7449c3dd0c4300af82ca78bf20864d9267ecde61a56
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5663a7a55772ac03276f27f2cf05b093c71c6b79c1bf8b7e071b3621b8126f4e
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5d60be60d86df4c302b6eb202e0e499d66de9fdc13a85a89757ea98f35511cbb
5dba743d2f6b4d888e1b70d586888098cdfd3bbf0d768490d7ad21e337a8bfda
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e240679c3215c840cf754104fe7291c77f2f52ad551c95e8c8364d0124938ec
6068d230ddc2a94a269034dab608f9966fec8531b5e00c006634c8d725b3765c
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
6e34e1eee30f1ef3c3510b3844a83535a2d52b59e11912ce963a51dd30c14143
71e3e74105965601c0ca9a2b8b2367c1027ff7c9a9fc0a29dfb2f00557875915
724a81ca42d4f26cf7addd0f3dec06605c4df32ee34279cf11baf059f23d7ed8
74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595
77f1809048d0eadc67e140b035e47b90e600ec44809e3ecbca00630c197501af
7b3d77afaf24867ae18a33f69f474784f560f9ef07177b4f630dc9e526d7668c
7e10fc889775d96bb2ab1e30af1d9e9abedbb8e201548500f2fb4f70fc6faf9e
7fbdf18ef718f7d92c5c552cf3133223239e5a87b2b17543417c863895fa3ebc
83fab61d0fe39edfc92fdf99cbb37071e080389d4a0d851f7839f6cb6d0a4cf1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e7661a2ff868a598b2bf29ce05049c4e8fb2ee5568225336ab0905eda3c1c1
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
87018af89a65aa82eae54a1542e259b27e698e94620c1645f7049de82eba4684
8a84620da4e848759ad0cf8242d69d1c9a0f9065571a46cecd0aa7e3bac2bce2
8b9bc04940e4e451d515ef3ab9253b9ee0bef2a3c82ca4dcbda0db44d2768c39
8be871f07ca187dfce81d437958c15bfafccbe3f4b1ad4bede3e4bde1b479207
8d3dc1f1fa4abe29e7aceeabda4fd52970842740acd9b5867be82b4cc4cc8e9d
9301c8e1d831fc9f4c706b5be8bf72ab1e7599bb1c1eb52988c19af92b2ec977
9311ba0e89a1aa8e566f2aae2a3e8222814d5f086c8221491a722bf4d5988726
93ca03195ed4c9536d694584455be6d5d71776e00fe33926ae596bfe4f35a76a
95aae00c9d9ac25970bf4a37494f447ed8c4f3a38353a71edee8f4397737ccdf
99ac7112fc76e40889470899fdf23abde6103b98d80460022ade31d2a285ad64
9af061417e21c2cdb31784a47ef5c6e26ae1485df1d2d2f8e7ffda50af2f6f9d
9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
9de001ea8caa3e3227f99eb526c3c610037c6ed05b4525ad7fe05ff7f73ece1c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c99808164dd6b9ba56702e3dc6a82987f6f1d06542929d7757890ff8258a9b
a249bcffb2d8e92a3bdff919def43b14841803ad93b80ffa864db1090e007594
a3940c0c7051093e974422b42f2a563671ed810418862f44e8314f5255367e7d
a3b60d3b407ab45a068bfcb522165bf2449cc7207d31c8946c9af5dfd7072186
a497fabf53b9e53cb1a9820b2b6743edbf0b8da1e0c9be996af81373687fc38a
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
a6bef5c8fd53a2981c4a1e875871cf09707b5b98a31f084a00668c1a63871d40
aad14f6d4402e5d6294cb0fe42cc894cd25fa5431145586efa7338b6029dc83d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a42e37a1d6048a04aee2679303fcfb210e2df96abd3d753f09e767ddd245d4
b44982a8d8a7d3a8688fe8fb66fd78a44451ae78102d09319415a323d73ee60c
b79d3b9d257fd33a8177597b28647669c7465ed4bfbaa99acfdb325f3b8e66de
b8dce169ac1edb703eac2d7d9e7cb95ab9d1ab7167bd161315cc29d4a95d6aba
b98e0f76f97857fce1b3fbd8e9ed5775988e85fffd71dcc2422f8d012378ea34
b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4f9e48ee24702347f570708db691ce51b538b90341b83d41a375b5adb5fa12
bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d
c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91
c2fec7c9522aa2090f05ebd5b3440e25ece9813d56222b6ea22e9590c4d6a51a
c6e9f7edaeaa678f248ce56e7af08ba86f1c1a2eee3ad1d5264e7bfe929ddead
c7ce9129d72ef25d747bb326a8c890c9c0bd660cfff4acb7ce7882466eafd9f5
c8e068cd7f5c831857807a7cfc29fda4ddc62ac7c1062340c0ea09f87fcfaabc
cf81e5d46d5e581cde58ca6c25946fda7862886e0cc6eecdb46d104330796b8b
d0cdf997216eb128a710370b81dfcb79756b4351a86b11821746029d40bce055
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4
d62a3b924d49cc3909d8c7e7d66c6fda8780c357fae0f927993f424928401b20
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
da8c9aa56a46840e5613104832d072b3ab33d0a3d00df7d7a7b2bdb1cc79d3ae
dae696bfce1988e20490797da2f231873abdb4b7829a8a142410bf880d6a163d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
df9bfafb474d3450e066e8202577ab8150ef8c4b172bbaf78037c09cb44c610d
e0523d2f3011f89e81f628a5041b9a56e849f91e4927f0272c16fbc5cee5f3d0
e0eb74c400dded823098e4cdb9f71e9b360a3f33cad9b346879205851e70f887
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
e796113f6ae3ff634cfae495790e8e83cb77353a2e94d879e268b1a5dee707a4
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0
e955796dfb214de145c92a5764eaa5c8157eb5f4ec7fd15fba525d5bd87cd71b
e9ed55e76e18c41069e635a88c37648b50b8cb39fb5862fa2d129661931b6705
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
eca751bdcf3ae9f787cf9ec74cec856a3d3f721fddfcd6da0ab96b03c8c84100
ef101b65e88cbdea5acb268e2b6bd8e86e6e33dc1a3eb059f183de4f7a40e9f9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f9163f3372bf09f2bcb3c8fa8b218443c557dbb32c78a36ee9221ca5abf8b193
f9a2d2e87a5a58ba21496321a93d073c18ec25e9c38d6d1daeaa9e10a9022535

onfido.com Open in urlscan Pro 2600:9000:2156:4e00:1e:f324:d0c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

190 Requests

92 %HTTPS

39 %IPv6

40 Domains

49 Subdomains

48 IPs

6 Countries

3852 kBTransfer

9923 kBSize

46 Cookies

10 Outgoing links

Page URL History

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onfido.com Open in urlscan Pro
2600:9000:2156:4e00:1e:f324:d0c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

92 %
HTTPS

39 %
IPv6

40
Domains

49
Subdomains

48
IPs

6
Countries

3852 kB
Transfer

9923 kB
Size

46
Cookies

190 HTTP transactions
1 data transactions