www.safeguardcyber.com Open in urlscan Pro
2606:2c40::c73c:671f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sales.safeguardcyber.com/t/102527/c/c9f4d7a0-2230-4a13-b5ce-4c377e436009/NB2HI4DTHIXS653XO4XHGYLGMVTXKYLSMRRXSYTFOIXGG33N...
Effective URL:
https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e...
Submission: On June 22 via api (June 22nd 2022, 2:08:13 pm UTC) from US — Scanned from DE

Summary HTTP 260 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 49 IPs in 5 countries across 34 domains to perform 260 HTTP transactions. The main IP is 2606:2c40::c73c:671f, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.safeguardcyber.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 29th 2022. Valid for: a year.

This is the only time www.safeguardcyber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.85.73.22 54.85.73.22	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.157.119.77 35.157.119.77	16509 (AMAZON-02) (AMAZON-02)
43	2606:2c40::c7... 2606:2c40::c73c:671f	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e024	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	108.157.4.64 108.157.4.64	16509 (AMAZON-02) (AMAZON-02)
53	2606:4700::68... 2606:4700::6812:173c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:72b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.224.13.60 3.224.13.60	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	143.204.89.100 143.204.89.100	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
11	104.89.35.64 104.89.35.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.111.9.64 23.111.9.64	33438 (STACKPATH) (STACKPATH)
62	143.204.89.91 143.204.89.91	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::622	54113 (FASTLY) (FASTLY)
1	2600:9000:231... 2600:9000:2315:9000:1f:f723:6fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.6 143.204.89.6	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.197.6.88 34.197.6.88	14618 (AMAZON-AES) (AMAZON-AES)
1	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:6c0... 2a02:26f0:6c00:294::1c91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6812:163c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.89.34 143.204.89.34	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
8	76.76.21.61 76.76.21.61	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.106 143.204.89.106	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f106:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	52.202.60.40 52.202.60.40	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	34.253.52.76 34.253.52.76	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
2	34.193.113.164 34.193.113.164	14618 (AMAZON-AES) (AMAZON-AES)
260	49

1 54.85.73.22 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-73-22.compute-1.amazonaws.com

sales.safeguardcyber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.119.77 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-119-77.eu-central-1.compute.amazonaws.com

app.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2606:2c40::c73c:671f (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.safeguardcyber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:f7::5c7b:e024 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-64.dus51.r.cloudfront.net

static.userback.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2606:4700::6812:173c (United States)

ASN13335 (CLOUDFLARENET, US)

capture.navattic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.navattic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

14515786.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.13.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-13-60.compute-1.amazonaws.com

api.userback.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-100.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.89.35.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-35-64.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.64 (United States)

ASN33438 (STACKPATH, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 143.204.89.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-91.fra50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:9000:1f:f723:6fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-6.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.6.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-6-88.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:294::1c91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:163c (United States)

ASN13335 (CLOUDFLARENET, US)

js.navattic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-34.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 76.76.21.61 (United States)

ASN16509 (AMAZON-02, US)

app.navattic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-106.fra50.r.cloudfront.net

tr.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f106:83:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.202.60.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-60-40.compute-1.amazonaws.com

scout.us2.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.52.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-52-76.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.113.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-113-164.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	driftt.com js.driftt.com — Cisco Umbrella Rank: 5492	722 KB
62	navattic.com capture.navattic.com — Cisco Umbrella Rank: 730229 js.navattic.com — Cisco Umbrella Rank: 805683 app.navattic.com	2 MB
44	safeguardcyber.com 1 redirects sales.safeguardcyber.com www.safeguardcyber.com	524 KB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 7170 c.6sc.co — Cisco Umbrella Rank: 10598 ipv6.6sc.co — Cisco Umbrella Rank: 7405 b.6sc.co — Cisco Umbrella Rank: 4734	18 KB
9	hubspot.com no-cache.hubspot.com — Cisco Umbrella Rank: 11100 app.hubspot.com — Cisco Umbrella Rank: 5854 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 11457 api.hubspot.com — Cisco Umbrella Rank: 4290 track.hubspot.com — Cisco Umbrella Rank: 2144	26 KB
6	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 5864 bootstrap.api.drift.com — Cisco Umbrella Rank: 6095	479 B
6	salesloft.com 1 redirects app.salesloft.com — Cisco Umbrella Rank: 29488 scout-cdn.salesloft.com — Cisco Umbrella Rank: 13879 scout.salesloft.com — Cisco Umbrella Rank: 14063 scout.us2.salesloft.com — Cisco Umbrella Rank: 206575	5 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6868	263 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 627 script.hotjar.com — Cisco Umbrella Rank: 904 vars.hotjar.com — Cisco Umbrella Rank: 917 in.hotjar.com — Cisco Umbrella Rank: 1509	70 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
5	linkedin.com 3 redirects platform.linkedin.com — Cisco Umbrella Rank: 2750 px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	163 KB
4	twitter.com platform.twitter.com — Cisco Umbrella Rank: 677 syndication.twitter.com — Cisco Umbrella Rank: 869 analytics.twitter.com — Cisco Umbrella Rank: 516	134 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	197 KB
4	userback.io static.userback.io — Cisco Umbrella Rank: 83147 api.userback.io — Cisco Umbrella Rank: 78790	152 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5448	763 B
3	google.com www.google.com — Cisco Umbrella Rank: 8	763 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	4 KB
3	hsforms.com perf.hsforms.com — Cisco Umbrella Rank: 9837	1 KB
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2069	18 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	315 B
2	lfeeder.com sc.lfeeder.com — Cisco Umbrella Rank: 13955 tr.lfeeder.com — Cisco Umbrella Rank: 12871	11 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
1	t.co t.co — Cisco Umbrella Rank: 455	337 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 408	712 B
1	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4992	111 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 632	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	3 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3409	3 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4068	88 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4780	21 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2061	21 KB
1	hubspotusercontent-na1.net 14515786.fs1.hubspotusercontent-na1.net	196 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	89 KB
260	34

	Domain	Requested by
62	js.driftt.com	www.safeguardcyber.com js.driftt.com
52	capture.navattic.com	www.safeguardcyber.com js.navattic.com capture.navattic.com
43	www.safeguardcyber.com	www.safeguardcyber.com js.usemessages.com
9	b.6sc.co	www.safeguardcyber.com
8	app.navattic.com	js.navattic.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.safeguardcyber.com
4	metrics.api.drift.com	js.driftt.com
4	connect.facebook.net	www.safeguardcyber.com connect.facebook.net
3	track.hubspot.com
3	www.google.de	www.safeguardcyber.com
3	www.google.com	www.safeguardcyber.com
3	perf.hsforms.com	www.safeguardcyber.com
3	js.hs-banner.com	www.safeguardcyber.com js.hs-banner.com
2	bootstrap.api.drift.com	js.driftt.com
2	api.hubspot.com	static.hsappstatic.net
2	scout.us2.salesloft.com	www.safeguardcyber.com
2	www.facebook.com	www.safeguardcyber.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	scout.salesloft.com	scout-cdn.salesloft.com
2	px.ads.linkedin.com	2 redirects
2	static.hotjar.com	www.googletagmanager.com
2	js.navattic.com	capture.navattic.com js.navattic.com
2	api.userback.io	static.userback.io
2	app.hubspot.com	www.safeguardcyber.com js.usemessages.com
2	platform.twitter.com	www.safeguardcyber.com platform.twitter.com
2	static.userback.io	www.safeguardcyber.com static.userback.io
1	in.hotjar.com	script.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	static.userback.io
1	tr.lfeeder.com	www.safeguardcyber.com
1	analytics.twitter.com	www.safeguardcyber.com
1	t.co	www.safeguardcyber.com
1	vars.hotjar.com	static.hotjar.com
1	syndication.twitter.com	platform.twitter.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	px4.ads.linkedin.com	www.safeguardcyber.com
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	sc.lfeeder.com	www.safeguardcyber.com
1	fast.wistia.com	www.googletagmanager.com
1	scout-cdn.salesloft.com	www.safeguardcyber.com
1	j.6sc.co	www.safeguardcyber.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	cta-service-cms2.hubspot.com	www.safeguardcyber.com
1	js.hsadspixel.net	www.safeguardcyber.com
1	js.hsleadflows.net	www.safeguardcyber.com
1	js.usemessages.com	www.safeguardcyber.com
1	js.hs-analytics.net	www.safeguardcyber.com
1	14515786.fs1.hubspotusercontent-na1.net	www.safeguardcyber.com
1	www.googletagmanager.com	www.safeguardcyber.com
1	no-cache.hubspot.com	www.safeguardcyber.com
1	platform.linkedin.com	www.safeguardcyber.com
1	app.salesloft.com	1 redirects
1	sales.safeguardcyber.com	1 redirects
260	59

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.twitter.com
www.wired.com
twitter.com

Subject Issuer	Validity	Valid
www.safeguardcyber.com Cloudflare Inc ECC CA-3	`2022-03-29` - `2023-03-29`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2022-06-09` - `2023-06-09`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.userback.io Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-11` - `2022-09-10`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2022-02-24` - `2023-02-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-16` - `2023-04-14`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.lfeeder.com Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
app.navattic.com R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Frame ID: 35AB4ACCF78DE9B230E0F810E77877F0
Requests: 121 HTTP requests in this frame

Frame: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
Frame ID: 7317D1DCD0DD901A8E59E6870D36D508
Requests: 50 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.safeguardcyber.com
Frame ID: B7624E4B3BA3C409487F4644EA2E64C2
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 40A043E04A757892131B1CF4626CBA95
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/3918364/threads/utk/82440822b1b6496d816c9c2634b9d3c0?uuid=49bca8ef47dd4a3caf88bc02f428de8d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=safeguardcyber.com&inApp53=false&messagesUtk=82440822b1b6496d816c9c2634b9d3c0&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true
Frame ID: 17B9BED29F7E2DC9630AD291A3B12698
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DA6187B5276264EBEF270AA73AFFFDF8
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: 38CE4750CA7A28EBBC29662192AA584B
Requests: 32 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
Frame ID: AE978829D332B61D625C482EA6611ABE
Requests: 32 HTTP requests in this frame

Frame: https://capture.navattic.com/nv_static/i/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6InhWMFFJTHVoRiJ9
Frame ID: E8AACC477D9FC58C368A39030C1975F6
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Multi-Channel Communication Attacks: A Demonstration | Blog

Page URL History Show full URLs

https://sales.safeguardcyber.com/t/102527/c/c9f4d7a0-2230-4a13-b5ce-4c377e436009/NB2HI4DTHIXS653XO4XHGYLGMVTX... HTTP 302
https://app.salesloft.com/t/102527/c/c9f4d7a0-2230-4a13-b5ce-4c377e436009/NB2HI4DTHIXS653XO4XHGYLGMVTX... HTTP 302
https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

260
Requests

100 %
HTTPS

53 %
IPv6

34
Domains

59
Subdomains

49
IPs

5
Countries

4603 kB
Transfer

15576 kB
Size

35
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo

Search URL Search Domain Scan URL

URL: https://www.twitter.com/share?url=https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo

Search URL Search Domain Scan URL

URL: https://www.wired.com/story/iran-hackers-social-engineering-mia-ash/
Title: a common tactic

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/safeguard-cyber

Search URL Search Domain Scan URL

URL: https://twitter.com/SafeGuard_Cyber

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sales.safeguardcyber.com/t/102527/c/c9f4d7a0-2230-4a13-b5ce-4c377e436009/NB2HI4DTHIXS653XO4XHGYLGMVTXKYLSMRRXSYTFOIXGG33NF5RGY33HF5ZWKY3VOJUXI6JPNV2WY5DJFVRWQYLONZSWYLLDN5WW25LONFRWC5DJN5XC2YLUORQWG23TFVSGK3LPH5SF65LUNM6TKZDGMU3GMNTGFUZDEMTFFU2GCNBWFVQWGMLDFVTDMMRXMU4DIMRYGBSTAJTTMJZGGPJRGRYUQSCLIRVXCTTPJI3U6V2RGNYGOMLJJR3SKM2EEUZUIJJSGRWWCMKBNQ4HM2TXIZ2DGLKMNM2EGMS2OBWUCJJTIQSTGRA=/www-safeguardcyber-com-blog-security-multi-channel-communication-attacks-de HTTP 302
https://app.salesloft.com/t/102527/c/c9f4d7a0-2230-4a13-b5ce-4c377e436009/NB2HI4DTHIXS653XO4XHGYLGMVTXKYLSMRRXSYTFOIXGG33NF5RGY33HF5ZWKY3VOJUXI6JPNV2WY5DJFVRWQYLONZSWYLLDN5WW25LONFRWC5DJN5XC2YLUORQWG23TFVSGK3LPH5SF65LUNM6TKZDGMU3GMNTGFUZDEMTFFU2GCNBWFVQWGMLDFVTDMMRXMU4DIMRYGBSTAJTTMJZGGPJRGRYUQSCLIRVXCTTPJI3U6V2RGNYGOMLJJR3SKM2EEUZUIJJSGRWWCMKBNQ4HM2TXIZ2DGLKMNM2EGMS2OBWUCJJTIQSTGRA=/www-safeguardcyber-com-blog-security-multi-channel-communication-attacks-de HTTP 302
https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=393866&time=1655906884961&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fsbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D%26d_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D393866%26time%3D1655906884961%26url%3Dhttps%253A%252F%252Fwww.safeguardcyber.com%252Fblog%252Fsecurity%252Fmulti-channel-communication-attacks-demo%253Fsbrc%253D14qHHKDkqNoJ7OWQ3pg1iLw%25253D%25253D%252524ma1Al8vjwFt3-Lk4C2ZpmA%25253D%25253D%2526d_utk%253D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=393866&time=1655906884961&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fsbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D%26d_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=393866&time=1655906884961&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fsbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D%26d_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0&liSync=true&e_ipv6=AQKrEcwjTKql9wAAAYGLveCbYuLS0EI4m2KB10iuzt6m10g11Nkp4PnGnd5v79feL1EAphku

260 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request multi-channel-communication-attacks-demo Show response
www.safeguardcyber.com/blog/security/
Redirect Chain

https://sales.safeguardcyber.com/t/102527/c/c9f4d7a0-2230-4a13-b5ce-4c377e436009/NB2HI4DTHIXS653XO4XHGYLGMVTXKYLSMRRXSYTFOIXGG33NF5RGY33HF5ZWKY3VOJUXI6JPNV2WY5DJFVRWQYLONZSWYLLDN5WW25LONFRWC5DJN5XC...
https://app.salesloft.com/t/102527/c/c9f4d7a0-2230-4a13-b5ce-4c377e436009/NB2HI4DTHIXS653XO4XHGYLGMVTXKYLSMRRXSYTFOIXGG33NF5RGY33HF5ZWKY3VOJUXI6JPNV2WY5DJFVRWQYLONZSWYLLDN5WW25LONFRWC5DJN5XC2YLUORQ...
https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D

71 KB
16 KB

309ms
219ms

Document
text/html

2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

f743de19b126b3a5a5cf3878c5a3bc8f0b663fb165463f60b32cca819d2b23f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: s-maxage=14400, max-age=0
cf-h2-pushed: </hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js>,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>,</_hcms/forms/v2.js>
cf-ray: 71f58dc7fec89b2e-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 14:08:04 GMT
edge-cache-tag: CT-48763029526,CT-62082826551,CT-69454130840,CT-75696837232,CG-43923902643,P-3918364,CW-43595754150,CW-43595754153,CW-43595754156,CW-43596036378,CW-43596061791,CW-43596115471,E-43596036400,E-43596036401,E-43596036403,E-43596061795,E-43596115499,E-43596271684,E-43596778562,E-43596778563,E-43596793453,E-43596793455,E-43596899217,E-43919529854,E-43920370102,E-43921196976,MENU-43615149175,MENU-43656299588,MENU-43656299902,MENU-43656309362,MENU-43667234636,MENU-43667313233,MENU-43667316625,MENU-43667317875,MENU-43667346774,MENU-43667347014,RA-43919371816,RA-43920370083,RA-43920391827,RA-43939984135,RA-44210302130,PGS-ALL,SW-1,GC-43597287514,GC-43598134326,GC-43656298863,TS-43596036377
etag: W/"47c59db6bb597dd465b5c816b8d9450c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 22 Jun 2022 03:40:31 GMT
link: </hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FZrKx8tsLLyD2Hww24hBljFhaY3IK2AB01w8O6rcgBCueFmBlsz6RLxs2Dzx9qoVRb0puBXOS3Fhh%2BcB2h%2FtN709%2B92jsSa9G%2BqiUNGb4UrCpRsoGqUD5oDDSVKLJEZoGGJLFn3rpwOTpGY7xMyY6jW8NY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=14400, max-age=0
x-hs-cf-cache-status: HIT
x-hs-combine-css: Disabled
x-hs-content-campaign-id: 8b2ba52a-69e5-42bb-ba82-9487bc0f18d7
x-hs-content-id: 75696837232
x-hs-hub-id: 3918364
x-hs-prerendered: Wed, 22 Jun 2022 03:40:31 GMT
x-powered-by: HubSpot

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 264
Content-Type: text/html; charset=utf-8
Date: Wed, 22 Jun 2022 14:08:03 GMT
Location: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: 1469e8373b77d32987c3145b9a4c07b7
X-Runtime: 0.207546
X-XSS-Protection: 1; mode=block

GET
H2 200 index.js Show response
www.safeguardcyber.com/hs/hsstatic/HubspotToolsMenu/static-1.128/js/ 11 KB
4 KB 49ms
0ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safeguardcyber.com/hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8b8c8146d6359d62410c5da0c4573717f95f8a2e79fcdf1c3ab242a70d10488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6828827
x-amz-server-side-encryption: AES256
cf-ray: 71f58dc939439b2e-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Fri, 25 Mar 2022 12:04:14 GMT
server: cloudflare
etag: W/"fabb1243bed29fd93cc5e0ce02ce9114"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yp6qL2q4IrfXYk7KFY2%2Bp59GAha3Y5AMoM9EtYCT3HZFgENpZtGTN8NpXK1heVImIVhpV%2B7Ont42AEhmK6QhP0aLDJXlIW9PmMPlXbi2VPHqikGWxMSxHNkFbFeHTynbnIuZHDwWnkkpGQuErHeetvGzRnI%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: ye98kzU383wl95_ydpYD.3IraNY6l134
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-P2
content-type: application/javascript
x-amz-cf-id: IEE9ZmbJgF53I0lPlIN-GxbmpLUEFckYurqYcNnudXdWCydPJuYhBw==
expires: Thu, 22 Jun 2023 14:08:04 GMT

GET
H2 200 project.js Show response
www.safeguardcyber.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 44ms
0ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safeguardcyber.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8311071
x-amz-server-side-encryption: AES256
cf-ray: 71f58dc939449b2e-FRA
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toLeYZE7EkcHU9woj2tRanE8RUR6chkMuAu1scNURAA8KjZ4D4H7Vysmv3%2BIYI7PvIPyX6Xk6c8LE5fYmllvRvQzNrQapb5c0klOaRE0vZtomSkGaQS0gljPYS6sS6Djv5Wt%2BtjwnnEmuwz%2F069TYQwVfHw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
cache-control: public, max-age=31536000
x-amz-cf-pop: AMS54-C1
content-type: application/javascript
x-amz-cf-id: QGpm7pNuMeHHjdOSQvVabr4yyJkQjvNfrf7wMr7R3QfV9nZTL386XA==
expires: Thu, 22 Jun 2023 14:08:04 GMT

GET
H2 200 v2.js Show response
www.safeguardcyber.com/_hcms/forms/ 585 KB
147 KB 15ms
0ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safeguardcyber.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1211a9a77e9e16594929055d1e99009c3e85f4ffbbfd5b0646319087812eea30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 239
x-amz-server-side-encryption: AES256
cf-ray: 71f58dc939469b2e-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 21 Jun 2022 02:51:01 UTC
server: cloudflare
etag: W/"6e63031a8c528e5eccaa863d635b3ed8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0TXR%2BPGTAdZbeb8gUumcTbtDTq%2BZD1VsuSso%2BaiSKY%2BjyeC1k8fza0s0nR82FGNJGYWoXy34ODzK8URIC2JA3VX8G7ohK9qg9vHqulK8utC78slrnq4asvF1gUJ7wmLXo%2FsrvzxFqJ8V91JT1q%2B6%2Bv8TFM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 6vyCWacfN9CPqy_wPW84vx64jCxte7kG
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: ULlgu8RIMg4_-bPO87TBJJTeLKbOdfR4eK7KojEUO5zyGeaa41XfRA==
x-hs-target-asset: FormsNext/static-5.508/bundles/project_with_deps.js

GET
H2 200 overrides.min.css
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596036400/1654890059140/safeguard/css/ 7 KB
3 KB 50ms
44ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596036400/1654890059140/safeguard/css/overrides.min.css
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc5d5ad85e0e60fa539bebbc329da01cd7557505b8eda870f29141c3f2ab6a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654890059948
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 93
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: 6A8WSK80R1A6J16A
x-amz-id-2: nG196TSA/gtSku6m0mZEXiEIZ8SvcyCTzT5IMpJigDBedT3HhGehbo7O+/EytFfPcjgzHjqQTdM=
last-modified: Fri, 10 Jun 2022 19:41:00 GMT
server: cloudflare
etag: W/"7c3c275bb4092080658404b01618a893"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcVZaKX9UqUzjs2KjlyOkUnZRsSkmJC%2FJ%2B65qb3XkLUK3cslRPdLC6JhzzRfdf2dQt1r4bFm9WbxTRBsm3%2FFtREQ939%2FfY2nA7ktLdtSMYGP43Im8UYMCudVdsnHVLVmlYBkYjUgBbDHZqENQlNhTdYhydY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: xClY_2Fquv2knl3rn5TNJRA7pYNFpGSw
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dc979c49b2e-FRA
x-amz-cf-id: aRFuSghmaPUCdyg1AjVdYMPC686KphiSq_JqAg0qtTLnnvYvZ8fSeQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 custom.min.css
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/ 240 KB
36 KB 51ms
45ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/custom.min.css
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cf38a199ddf1a29fae427565e500975739238cb06cc4b1406b4ad545caf13cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654890065292
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 956
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: KAFZQFSXGZWGGKRE
x-amz-id-2: EargXxEOvb6zVk092x7dPK/RpshqpkxxBbbg3umQzeivbWIwo6tnNaT8R02pmmYEYtAbLimuBPc=
last-modified: Fri, 10 Jun 2022 19:41:06 GMT
server: cloudflare
etag: W/"708f933791644eae3d8e2bfc0ae423dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myHdpxC4MqIXFqoCiHK5Ud%2FYxwA269YFMDhE0lGn%2FlfjHSlPo1oZmCuulByzJhGbZTYkJyqt%2FcfefSEmzHAiVs7GDuZ2rXx4Bo%2FxN0fUlKoF6gEgyH3nout50Wq5FypqSSZzOLqidwV4jrnVDigJeHuAeUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: U5L9bbN2DNn937bg_kkaUgs4HHvPnCG6
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dc979c79b2e-FRA
x-amz-cf-id: zHZMOvZZQGE5MPc0ksJGuuD_U7BSniO73ZgCGAOhFXdg-XMPpLYUJQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 _blog.min.css
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596061795/1654890061871/safeguard/css/templates/ 18 KB
5 KB 44ms
39ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596061795/1654890061871/safeguard/css/templates/_blog.min.css
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7be64a729899c601c28a074bca4113d1ac09d84eab6e77c6ff5071f5fa3eaf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654890063028
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 4ee1745ee3cece0fab563f5a32ba165a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1474
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: WRKPKQFH1PM3WKAX
x-amz-id-2: JV3wY03+ZwsroVom0RQ6ArBb84Ejr5/91Me5ubBxU2dKJZ3U2hgjXV+LMq4vEZY6YfDB/F9JopY=
last-modified: Fri, 10 Jun 2022 19:41:04 GMT
server: cloudflare
etag: W/"13379d7b5daeecda469ae62b82dbdf8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSZ5JNG2yuJWP8m2H%2B4QMIfD2hKJjZpezFJP5GoEh6g43cgImUdCbfIVEQr9QhB%2BVIZzfGpDk3FthSRCy28tvtlA2qtyyIIJkZvFe74RANTmR2s3bhmJ%2ByfTr7DCKWjfZVWQm0ZDGfYAmmmmgt9jh52cmPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: M_kCx38m0P7issaxtz8jr67YSz.PmqSv
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dc979c89b2e-FRA
x-amz-cf-id: CMC31NaGbF9GmeO48JXVkY2lFJsFU02-HLkr0jOfXiKZnhHAxML3oQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 jquery-1.11.2.js Show response
www.safeguardcyber.com/hs/hsstatic/jquery-libs/static-1.4/jquery/ 94 KB
35 KB 49ms
45ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safeguardcyber.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Requested by

Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7754944
cf-ray: 71f58dc989ce9b2e-FRA
x-cache: RefreshHit from cloudfront
content-encoding: br
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B66fCpCr3ZzoK9E2sK9WMD6Yp5PBnziNOkW7pj3XnbBvXxni2dZ5NxMw9hsqfb5OSlneAoVCe88apIb3UsTzmR1x0iuRb0gtuiNCLGjBzWffHn7Euez84dfgzs%2F3YCKUiEovUhD0WOgDAJEw5Xu5oBQAQ9o%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: TXL50-P4
content-type: application/javascript
x-amz-cf-id: O_5hEe5tH1TbmdsFBs2adAfaGuVRQ00VGDlObtptUqeYtG31BCrPGg==
expires: Thu, 22 Jun 2023 14:08:04 GMT

GET
H2 200 jquery-migrate-1.2.1.js Show response
www.safeguardcyber.com/hs/hsstatic/jquery-libs/static-1.4/jquery-migrate/ 7 KB
4 KB 60ms
56ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safeguardcyber.com/hs/hsstatic/jquery-libs/static-1.4/jquery-migrate/jquery-migrate-1.2.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26138019
cf-ray: 71f58dc989d19b2e-FRA
x-cache: Hit from cloudfront
content-encoding: br
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"eb05d8d73b5b13d8d84308a4751ece96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9MroYwJ40JweV52noN3kyA9Yo7OWt5WBEbqoG6dI%2FOcTJV%2FvTpfgWrbuO%2FxswCnjwXJb8%2Bf%2BEf8I3%2FXad%2B1S570LyoTknxIRMg9qO2%2BXr8VJvSi3qU888EuF3iYbL%2BKmLluk1A%2FWpk1PhzTp%2FueycvFjrs%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: bXjnWyNiKc9qvOG_BhjE44cCmgcp67N_MttgtSe-XNJDQwiYpbeFpw==
expires: Thu, 22 Jun 2023 14:08:04 GMT

GET
H2 200 module_43596115471_megamenu.min.css
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/module_assets/43596115471/1646383209046/ 622 B
821 B 58ms
54ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/module_assets/43596115471/1646383209046/module_43596115471_megamenu.min.css
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4b73905e245e08fe5127ecffd96633c641e4b5b71e2c9053bc05627ae304ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1646383209046
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1474
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: VPGBVRZVSWWF60WT
x-amz-id-2: tWw34C7m7pomXGXAjefpwmMRbgusY0Uo18YXo6eKA0gX+x6jaaOiyR8LIxmy2peB277jnPAwWOE=
last-modified: Fri, 04 Mar 2022 08:40:10 GMT
server: cloudflare
etag: W/"2ea7d489968dde52070074ab08174095"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=131fQ5YRWqhKTDqgeHIR66f4Vav%2FWXRdSweC5xi%2F2JnmaTqklqs66%2Bsh%2B51TfnJsqgYKdOktk5JcZaXzXgmDmqHt4z%2FgWcAJiOdZRG%2FNGhka2%2F0we9oL4BJL%2BW7ux34PHJmBqnQ%2BisKGUkJqAubxVJMdlrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: Z33Tfey1cWaBp.c9VqUjVAJti5vlDCWp
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dc979c99b2e-FRA
x-amz-cf-id: RlbGW3MfhKbBh89LCOQCdxbHi54c1NNHF-bnuTEbWLWrZ3kbW2rbVA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_43595754156_notification-ribbon.min.css
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/module_assets/43595754156/1626333091429/ 521 B
850 B 47ms
43ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/module_assets/43595754156/1626333091429/module_43595754156_notification-ribbon.min.css
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c294b7dfb9e7478fb1a1a4f883285fd2ad9d87fa70daf35602314adf3659a1ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1626333091429
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 0920aeb1eced22df07c9ece1cab0a554.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1474
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: NFHANXXXXNG189WK
x-amz-id-2: rF/uf91ztj81/UHtWhYMdqNNwUVUmCEc+c5GtyJBAgwBX/sHHuAv3nxrM4yqkpV/ZwRF/X24Al4=
last-modified: Thu, 15 Jul 2021 07:11:32 GMT
server: cloudflare
etag: W/"3657885410ed6e5ba77d9b78cd6504f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwf8%2FYnJFN1myLRKASl0IVOfZPnUvVx6iIlLDxfHXI0HyPIAYcKfF53fvET5wRHDU1piBjs5IvAyJ%2BCEqnyoGICR%2F7gXiqszGNaaYv%2Fzk2ovoJfpzzltAowz2BjjLruzr3EZXVdVzt4fe7yIIR0i5vbRhK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: TN3XxqHxGQn8gnB2BZZkTV7Wv01GNjWe
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dc979cb9b2e-FRA
x-amz-cf-id: 6Ui8YEXCaKW2WXbsvDLobAme0Y4oyZicCNQRz43LtVhjJLUnyyAU8Q==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_43595754153_newsletter-form.min.css
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/module_assets/43595754153/1655869223627/ 11 KB
3 KB 57ms
53ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/module_assets/43595754153/1655869223627/module_43595754153_newsletter-form.min.css
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13b6dd752c284d4fca668b255e8f96a3c522a0f00f2fd9e131bb7c372de7b249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1655869223627
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 920629f47fa586ce02a1a1af8b626578.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1474
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: NX0R8RPZ26XFTS78
x-amz-id-2: E6OMypQ82JfpYqHX/1BhrsWLjDRT0FkpK+OK5Sf+MOQ+Ly5R6fQpRcgb3Z9yOEgs0CdqJNbUwgo=
last-modified: Wed, 22 Jun 2022 03:40:24 GMT
server: cloudflare
etag: W/"c05234ea3c775841b42549e86302f76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwfxV6OKCN8IHX6pVh6SW3iX%2FIhdpIG3WybA6B8VUZXc4%2FxU1g4CKl1tRDeu5eQ3RlpTN8CzkdLLwamrxFKeLHqAXkw8%2F4NqfSMQeMy1VZ4nihGtP8ykfTKN1GO7hjzVu6KXIyu5xXiPm75mXatJH1EAqVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: enWNqelEXhkGlh7LcO57G00YBpxFEcnp
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dc979cc9b2e-FRA
x-amz-cf-id: PwFMC2f5SGotFHNuADUwfbjVEiWKA5whcbpdntpcZudI_shnsX2HvA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_43596061791_social-follow.min.css
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/module_assets/43596061791/1617731895063/ 612 B
1 KB 73ms
70ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/module_assets/43596061791/1617731895063/module_43596061791_social-follow.min.css
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 520c32a673343326a4aa313d7ffe80e0a0fd3c7f1640a4bac44865e592ab9a7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1617731895063
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 2ca1a2664d288773b443dc5e52a8b5b8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1474
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: QMJXKHXET17QAG2W
x-amz-id-2: w6Ef/v1hSpmgEGpm5/l/36yJr0LchVPk3RSZUpcaHQRXAZ1QPv5rqq2yERXeQBTCXoR1CRRtGtU=
last-modified: Tue, 06 Apr 2021 17:58:16 GMT
server: cloudflare
etag: W/"b2f21519ff46e92e421875457180444c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2F1LLf1hsEw8hV5WAljh6%2BYz27D2bZ6wXcnCFijqERvtjw7jY%2BwKwFKK%2BTvjlqAyQmzHsqLAU1WajtWrM9K3qoIf2bpAb4zyHyROuGOc%2BI3aBg559bNi5UKIJURGYesNNa2O4so7SHPSBwzLUzqoCshJfXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: NbSC.lH5895uThQ0zD2sgCm1wnNHFcbp
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dc979cd9b2e-FRA
x-amz-cf-id: 56TKARduwqzzOoJ3egL0z6Y8yom-I5_oFt9dqgh20Bg_EvvdP2-oKw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ 507 KB
159 KB 227ms
9ms Script
text/javascript 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Play /
Resource Hash: 6c35b9b57f9166badd7543f4c2fc89ca9034b44c52fd873bee466879d20a0c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-LI-UUID: AAXiCYj6J3qnSA5sswlRGA==
Date: Wed, 22 Jun 2022 14:08:04 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV6
Server: Play
X-Li-Pop: prod-lva1-x
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
X-LI-Proto: http/1.1
Content-Length: 162500
X-CDN: AKAM
X-Li-Fabric: prod-lva1
Expires: Wed, 22 Jun 2022 14:44:24 GMT

GET
H2 200 header-logo.svg
www.safeguardcyber.com/hubfs/ 5 KB
3 KB 102ms
94ms Image
image/svg+xml 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeguardcyber.com/hubfs/header-logo.svg
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72ad128c1e61ba6f7511a20ac0feaa23dc240a35b3bef6928e6d7841c0f5fd6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-43662719832,P-3918364,FLS-ALL
age: 221129
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43662719832,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: GEB6T9111YWMANS4
etag: W/"e7fef93bc9f53a8360aede06137da6b9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1616498042933
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 25cea41ad7d46d4db1c5c43579cc21ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
x-amz-id-2: Z+nvsP0UL2BFQJXgQ/BpxioVvALs9AVxtOUhtxvfwh2a4HDou+d9pQwHagJayibm35QXbM+r7nw=
last-modified: Tue, 25 May 2021 05:38:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlrINxjYKNZdEmxuKZmhDzGljSQnG%2B%2Fh2xwm1a60lX3Z709vOOBt%2FWkVUQAc57KHk7%2BMdzwQ%2BJ7FnNZKGyGHae37qU0FNA2lBqCzrN3wc8Bm4oDtd1AHgGqyhMxjZrixTCgCzVzPWZJoxT1zPMfyvzVikQA%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: W7R1cbZfdkvuAKKafJiyElnEQmCjKe1Z
cf-ray: 71f58dcb6d919b2e-FRA
x-amz-cf-id: Yzv59v7mHJ-hDj84qpd5brMdqygUNNi8grV6oefWTxfi5sMPvCW4TQ==

GET
H2 200 icon-linkedin.svg
www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/images/ 928 B
2 KB 267ms
259ms Image
image/svg+xml 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/images/icon-linkedin.svg
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 258fd3d541c72fc71d093f71f1adac63902996dab4c7c3b5047b6fafdef07810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-43921977517,FD-43596932177,P-3918364,FLS-ALL
age: 36014
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43921977517,FD-43596932177,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: 1M7D2DNT32GJP47W
etag: W/"054e24d844e8749a74b1b3d6ff4fe464"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1616730799053
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: none
x-amz-id-2: lCm+nG9EycP1PN2xcEOVZOqDpuXi1TzyX6ALSmAH3QKgDpftLRVj7PYJBdmFjhCwol3hOXhE3Q4=
last-modified: Fri, 26 Mar 2021 03:53:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KdxftOsvJUL5NWB9Oo5u5ZqiCCtbMupKx6x4f1MqR%2F1sRRJ5lOo%2BHzEUvl7U0J8vx%2FIOXmouQ41gHFHUqGfzeih1ze8Wi%2B4Sth78N1%2BJV1Si5JtgrffsYsVfKzH%2FtXFP1Ff8%2BGKlt325POx5RiI1QCyEQ0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: .hk0Tk0No0b3YJ9BxXwa4HybsQ_bEM73
cf-ray: 71f58dcb6d929b2e-FRA
x-amz-cf-id: WppFY0JgIVmYCxAKYSVqOpZrcRNyN15DhGai94MFvKQYNfacvs-TKg==

GET
H2 200 icon-twitter.svg
www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/images/ 5 KB
3 KB 83ms
75ms Image
image/svg+xml 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/images/icon-twitter.svg
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1662e21a407a7a54ce2335d143b91c78fb02a674d3113e0424ef6757e61cdd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-44208928655,FD-43596932177,P-3918364,FLS-ALL
age: 36014
x-amz-server-side-encryption: AES256
edge-cache-tag: F-44208928655,FD-43596932177,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: V3WMTKSSCNASWQ1J
etag: W/"3e0bf8ba0520125c3f5e5cc821d7f7f3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1617197773486
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: none
x-amz-id-2: 5X489/+5cv/7+BY0i/oysxWvmmZVeKk5gqTLFPwMF9DAI3sHzYuC4m/JBXurSSGS92dtUwOjHC4=
last-modified: Wed, 31 Mar 2021 13:36:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGR6kY6x6FrCWz%2BJp6CLKyKR96LTVpUEi4qhawTHnos29SXElb0FI6aVqzUarFvR%2BFwzUqzRRmWeVNvUzO95%2FgYHCD6ivma%2FIvW7k8MOrrBRSQcLnvyRx1DEi4bY3ZhVinYxx03FDUc7S1qB6ayTF6VhPw4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: PQSI4MREs6QIeYtku.gDw0Mc.052cSUc
cf-ray: 71f58dcb6d949b2e-FRA
x-amz-cf-id: JBoiISC4lZ_btFMvArovdPcp1grzFbBtzXyrhp4QqB9ePLNTdCUBdA==

GET
H2 200 f37a8d36-84b5-4cf5-ab85-f513b19d24d8.png
no-cache.hubspot.com/cta/default/3918364/ 1 KB
2 KB 213ms
159ms Image
image/png 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/3918364/f37a8d36-84b5-4cf5-ab85-f513b19d24d8.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

171e0e7411219f4d4e2d623b005563f4f12c5a597f07f8bfded15fa64a86a9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 61JEEWDB8W3RHM29
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1147
x-amz-id-2: fD2+pSTj7L45Givx8LTTqNM9W2kjrqeO2ivME6W0q5DA0WTBwaKdY/sqK5y/6sbXfJ3p22i2xAk=
last-modified: Mon, 13 Jun 2022 13:56:55 GMT
server: cloudflare
etag: "07eed1436d00ed5c586894d8761089ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wt4xJ5tDivu%2ByknMJteEcbvg4Y8li%2B4DrQRk%2FDIo1cn9NtwdOFhTtogNYZ%2F7SbUrGKiouXdmdWJukzJL6NOrgjQ5GyoD%2F%2BmTFHxHGZ3h5P%2FE47%2BmnmUrBxr30XCYJZLwqDscD0MrXnDdzbgZN9QlFPG9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 71f58dcba8b968fe-FRA

GET
H2 200 current.js Show response
www.safeguardcyber.com/hs/cta/cta/ 16 KB
6 KB 67ms
67ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safeguardcyber.com/hs/cta/cta/current.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b48c2cb2ba7e9deae742d0ee002166e145e11961de0bee3a58fb2cf59ec58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 920629f47fa586ce02a1a1af8b626578.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 252
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.79/bundles/current.js&cfRay=71f587a2e2ab9a09-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 71f58dca0ae29b2e-FRA
last-modified: Tue, 26 Apr 2022 03:48:51 UTC
server: cloudflare
etag: W/"5987c6bd527810fdff046c43530ff512"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EVcnT6eDXPxnhbd2li0OVQO%2FYie4IptxACJxRnDXR9TaT5%2BATLfREJmm950Kn%2BWGSEwEQwlaiOaZQzyI%2F2ez8lS6r7Cmy5HPdLf6%2FfP6VF7Ep3p6OPhxGp7tsJHpvVT3YqiNLlx76gAL2mENfMCOfY5K1c%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4c3vhOthrOiBsQHUYobIqea6mR1gtgs.
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 4im6qCFigkwXtl9BngzRT02IYJph3zWvQWJ-60odakIHLWqinJSWEw==
x-hs-target-asset: cta-embed-js/static-1.79/bundles/current.js

GET
H2 200 icon-linkedin-black.svg
www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/images/ 856 B
1 KB 77ms
69ms Image
image/svg+xml 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/images/icon-linkedin-black.svg
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d579cbb4ef3455034ad872955e1d09f9b8790984348f57ebc24f081f8a449d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-43921977516,FD-43596932177,P-3918364,FLS-ALL
age: 36012
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43921977516,FD-43596932177,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: T5Y87S25FEV0EW33
etag: W/"b4bb7228dd684cea15c6691fa7d0274a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1616730798965
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: none
x-amz-id-2: hjuYJihTCiY73OhuzlTI4Xs+lxJpwqGOisopt10azNnnlK7svWVRsm8RgASUPzwHIB7YoO4pifI=
last-modified: Fri, 26 Mar 2021 03:53:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESGBa48alkyKzxJQKKlYY2laxK8KsNt%2Fo%2F9ufWXAysycBAq%2FwBf%2FDBUb5OVaBAeLXAlsOQJIvXs%2BRoFAY6CCDToC2uBgBtrfeJZeqPD5v%2BHRaXJ6dIEldpEPwpaEjmIxh9%2FdxGgtkKy56K7xG6XwEvtu%2BOA%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: kxKDQiEK.p2dBLMoqrTWETuAyqcoyXwt
cf-ray: 71f58dcb6d979b2e-FRA
x-amz-cf-id: e8ZHmhYvnZxymR0mE1y3V_HKKIhQiZggs8TCp7YjocQrorVhYPEp0A==

GET
H2 200 icon-twitter-black.svg
www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/images/ 5 KB
3 KB 96ms
88ms Image
image/svg+xml 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/images/icon-twitter-black.svg
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f262ae2d53bcc3ee8e8f7e1fa7e40eae06ea3a8b9efa54dc16775ff5960cb366

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-43921973379,FD-43596932177,P-3918364,FLS-ALL
age: 36011
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43921973379,FD-43596932177,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: QFDMR5K0MM88D3Z7
etag: W/"eafb1cade892008fd839ca8ce39ef24e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1616730799197
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: none
x-amz-id-2: qAXnMZ5C4NGYwr4q+bSK2s49LuaknMmBhMmvuV2PGmpPoKmtrqrN5SKAIaCgPUkvLuRJV12yTFU=
last-modified: Fri, 26 Mar 2021 03:53:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jH8DiSVe8wJ4YTOvufdfPVh67MbV2Xv3oD11F26rUh81zY4ZQ2YtbcEYSQ5OTjwC4W3UWwpWYw1K44j9uL6bMvEHCnXQ8w6PMGWZd7l%2F2DKBBmyJ754R6eKf%2FzDVx4uNJ6VsSKikgemCSdGLmD1mzhNi7xI%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: beoP1QOr5cacO2HeJz57PAQGKguZLSR5
cf-ray: 71f58dcb6d989b2e-FRA
x-amz-cf-id: MQZ0z9nPC5xJRLYhnjSQX3p8Fwcsduckg8o6_Q_RxZVBPVAa5qrcsQ==

GET
H2 200 footer-logo.svg
www.safeguardcyber.com/hubfs/ 5 KB
3 KB 110ms
102ms Image
image/svg+xml 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeguardcyber.com/hubfs/footer-logo.svg
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9ed5aa50fca23b4af006c795f812bcd4bd213f759777c7810f4a65be907d8b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-43667492938,P-3918364,FLS-ALL
age: 221129
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43667492938,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: T0FTTG6QH5F7GZPG
etag: W/"967b5c63e3113f41617fcc9ceb0d58c3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1616505315741
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 f75621cd6e47ae7d0a4d07cd1877339c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
x-amz-id-2: 2wx3dC0+LUyVZlywtJm4suBFkswOzg+92OszgiBuCiYx0n4gXG7olWzbrIMMw8rbREBBk9vzROg=
last-modified: Tue, 25 May 2021 05:37:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYKdBO1Dr82fmyhc0ymKE1CnoimuJZYHaShVQZpezRmKVJB3AAS7k4R8zRY6BJsY9pdiQJcPkF4wfpCsP7VNoBWIwnbddepU5g48gSgKeBotUBxg36z%2FouNbihbl6Xjv2jrDIQSYUGwNhiELHjE87dh%2Fjd4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: rVkHE.38aIT_.M8WfOODK7uxGRlM8ntd
cf-ray: 71f58dcb6d9a9b2e-FRA
x-amz-cf-id: UUhJnjpD0o8Ds2-uBgbBZEbPYiZTkAmjw-fvzhZuoc2TASTYxtBpeA==

GET
H2 200 icon-linkedin.svg
www.safeguardcyber.com/hubfs/ 928 B
1 KB 108ms
101ms Image
image/svg+xml 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeguardcyber.com/hubfs/icon-linkedin.svg
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 258fd3d541c72fc71d093f71f1adac63902996dab4c7c3b5047b6fafdef07810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-43667492151,P-3918364,FLS-ALL
age: 221129
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43667492151,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: 66C29XHSV6SXPM5V
etag: W/"054e24d844e8749a74b1b3d6ff4fe464"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1616504928222
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
x-amz-id-2: IaEo9WpxI6v/mCkX+X5MSx+T0SW0xPIznSLErTXGcek2s0I4fffaShJ5fQ4uwsW6vyxi5Z/PH3U=
last-modified: Tue, 25 May 2021 05:39:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvOLxe5JmiuWkEUfVWZnsIuE5QMOMvp032p%2B04Hp%2FM20OAeCeDBgqLUtrXs4Sjke5WbHz0Ir3C8GHWUMXI2W%2FvQapGUSHvjtQOAcaGiUYpujWicP01JHRY90BrS9AHymlPL433eIyg3hTeYr1VWqmEoULes%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: nWli8hCwPX8eCL9fBQ1ekTmXBuNX1e3C
cf-ray: 71f58dcb6d9c9b2e-FRA
x-amz-cf-id: vCMFvxGeIYHMpcpF8UXmVyAG5jTwP6s7RTrx6XPr6GV2_SBuP40gWQ==

GET
H2 200 icon-twitter.svg
www.safeguardcyber.com/hubfs/ 5 KB
3 KB 106ms
99ms Image
image/svg+xml 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeguardcyber.com/hubfs/icon-twitter.svg
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 417b3cafe864819afb67c696d5c88d389eae74c036ba124d3e665b48a3c0b361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-44342658196,P-3918364,FLS-ALL
age: 221129
x-amz-server-side-encryption: AES256
edge-cache-tag: F-44342658196,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: 12SGWZHSB92XKBWE
etag: W/"c4f9f989cc57c1363aab31e574afb793"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1617373378693
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 b66d2d4cfb46d641d455e6640c25f566.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
x-amz-id-2: TpAkI3PCPmy+5gdwq0xhTQWy7+4Ic1eiFGpzFboAr6B0sCOeLIDd8GJOaajv0V72ar6cBRQmQDc=
last-modified: Tue, 25 May 2021 05:39:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UW718%2BZ5RFtV49%2FfouBKJPzDCeJCQx5sbv1GNfS%2BjPPUgo5wHeC0hC8kkmz2jQaqNVd3KH0XgRiluZZ%2Byt40ZB2L%2F2xlXRCk%2FKt5E1s9OXgGrq7rMBpyYaQ0T66Kv8k0k3KXCzsYJzkv3wrviu943x0JQo%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: nBE6ShJenUktIHvv3Rdz1M4WuaDe7G3I
cf-ray: 71f58dcb6d9f9b2e-FRA
x-amz-cf-id: usgRDW3jNCnWQy7LVQKVrEW-iG9IkYA4wnZaoZjfiQesLmYF0wfzLw==

GET
H2 200 module_43596115471_megamenu.min.js Show response
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/module_assets/43596115471/1646383208944/ 544 B
869 B 47ms
46ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/module_assets/43596115471/1646383208944/module_43596115471_megamenu.min.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8964852343fcce8ce76f4044a5246529fc803f925d2442d0604fc9cfed018e0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1646383208944
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 3d65275b81abaf880be10de6f2c71e9a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1474
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: 9JNJDNRHKSY54YZW
x-amz-id-2: rMXhsTNLOtpfJPD/WIaV+dOX0+mOdbQup1Vura1yzPQlFE9RTnROs1jclCq+yLRm26BtrCQKYcI=
last-modified: Fri, 04 Mar 2022 08:40:09 GMT
server: cloudflare
etag: W/"46f4ceab5fded6cb2d349c1475c6e149"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jj9q4%2Fq3yDvwqxEqsDsTX0pVmvXenIzJ%2BMN5yt3u95AWbZ0Sb59IaVM%2BhdsYP778idrNaP1BgnJYOxbXwUqbZWzNEUP3dsXEHrLJUP4%2BitAORBgRZcLVT3c49KcU%2Fq%2BpCbBM7BUtM5nwdpIFg8qlZuDdKJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: mHRkuJAKy_rq7zdEy7TV7EIsD91YnOQ0
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dcafcc79b2e-FRA
x-amz-cf-id: PDUPyjmpZn3om7AjxP1gjq0NKz0He_JCB2YLO_7IJdfZc2-J8eb9aA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 main.min.js Show response
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596793455/1654890068481/safeguard/js/ 3 KB
2 KB 55ms
54ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596793455/1654890068481/safeguard/js/main.min.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e080a739324f3e06761179545d8711f8190467ac41de4a9e726121725c8f506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654890068786
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1473
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: W57P99B4N2TC0H3Z
x-amz-id-2: unEsN7/zNfNXrsZoWs45kCv5asih1rwyOLoooBXSQbc3sNLPd4X5zKbnRnSsqvjn1lDcxNym5Oo=
last-modified: Fri, 10 Jun 2022 19:41:09 GMT
server: cloudflare
etag: W/"08124d2dbbefb4cfa4cd19daf3a4faba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jewEL6coZvd%2B1chPQs0mDDqNiRM561TzrK4bFI7igoBq5h42bwkgCye1562a25w4WqkNC9OJ0D7GSmYxZ0pg5BIqlWMs66B9%2FrBwXQusNON9N8QlV2587bA49FHNSbqaiVmEKi8XJEDo5ogJLPd8Rdk8rsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: D.CsUBN_FLQ4DLBbrfk86tvAmvs8Rbin
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dcb1cf49b2e-FRA
x-amz-cf-id: DdxgLHMs__GEHY4CKO_qdZ7PqDp-9Ygf_-mQle0VinBLxwWD6fRgxg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 bootstrap.bundle.min.min.js Show response
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596036401/1617372974139/safeguard/js/ 82 KB
23 KB 116ms
107ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596036401/1617372974139/safeguard/js/bootstrap.bundle.min.min.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f033f31efd6a9084c44e6dc18b7a9675a5cda2a5c9aa39b9378cf39bbd9037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1617372975118
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 955
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: 212GSM11M7P9TN76
x-amz-id-2: 18r85VvQWafQrCMxNJwayQjAV7tOjC2Q+G2hd55VVsHAuUf4hvxKq353cVts9y51C+EZxcbMARiWQa+DyT2B8w==
last-modified: Fri, 02 Apr 2021 14:16:16 GMT
server: cloudflare
etag: W/"d28ad025694f79e487a936e2c1f55fa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSWNRYX6HFWR9WpGwz1m5iLwaPjpyjBTJ1gEHLYRL6lszNVg%2FXiiaba6g8hveKZ5oF0c8wRQepyUER3Cc9sKUItIAQC84Mh4%2B52h49XL17E62JkJ7gjI7VcuyFmzj2QOJQJejek2b%2Fli%2BckD86hGdISBxGI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: b6ZnxEQbMrkTpgd_zTCXxH4uo_.VGSK_
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dcb5d6c9b2e-FRA
x-amz-cf-id: pxghZH72xurE8ooN6_iwU24q4qI7_rLDQ6c8O4ysnoL7hjiY1lHTBw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 navigation.min.js Show response
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596899217/1654890060668/safeguard/js/ 1 KB
1 KB 73ms
64ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596899217/1654890060668/safeguard/js/navigation.min.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 822f723254abf8d5ab6e1be14df67301e03d85e16d3ceb068ba97720eb237c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654890060978
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1474
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: ATS38ZV1CFYNJ0AQ
x-amz-id-2: jnj+vgDwmqpuM/+/LkcyxMpcVj+VGmjIoEpJJ+2cOrciPTlwZ0Kkon5qWJCRXEUeW0ntBYoTOJo=
last-modified: Fri, 10 Jun 2022 19:41:01 GMT
server: cloudflare
etag: W/"ab3a6fc7aa9eec3ab9cf44f5e56a78c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yQL4R6ThWkuIJ9AJ6VlGS7Rhj3jFdUM7jgPkH9Uv%2F7xCMJfnLUyZ01G8QcQ9gAhFHVczm3I1aD%2FXHry1M%2Fcd7ELm3ULk%2Fsb5xqx8G%2Fpuqm1IMBVgJriyYAGvJdvHEm2fdDVUiVWf1DoVqGg%2BX%2Bh3ozmeGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: icbHUzJHr3lyzRDCMF_7.jYoL08rXgp6
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dcb6d859b2e-FRA
x-amz-cf-id: eKMLwOeRYbSUsh0N6Jq8As83G5VjQmecy4mOxtzhay67VF06md5JEA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 slick.min.min.js Show response
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596036403/1617372972695/safeguard/js/plugins/ 42 KB
11 KB 77ms
67ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596036403/1617372972695/safeguard/js/plugins/slick.min.min.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab8b6028677858ecc46f2ed2a009b1ac1a7b2d915066a5386bcf96eb86a38af6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1617372973485
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 1b6db55df4d0459558669f7d008cda9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 955
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: M1D76JMBZVSXSBVM
x-amz-id-2: zCulfvB4pJmqg8DxSQ8VfX5u+a0/CcoNXZNtYrXOH4RzWVGvXB9FgpwesWdCcTTzQvjH5jTsb0Y=
last-modified: Fri, 02 Apr 2021 14:16:14 GMT
server: cloudflare
etag: W/"c48861f3ebb3d16f1b86237dee009f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4blT2fmUipD4vSMZpsq6Yddgih9BCQUz%2FcuVVkoTm%2FP4G7igsrBaHo1GUcH0NQ3DCupn7mjc6YMDEO0dedJGVSsAkle2RY3eG37lPbfYsATtw76%2FM89nRV5mX0BCps451CD%2BFUAWFDw4RusYvWQB0ww25E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: sDQGqS_TqjgERXplos8ZNe3MoMZ22gYN
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dcb6d899b2e-FRA
x-amz-cf-id: flG2DzSYcMNvh9SAYDSgX9nqDLWB-hwIsgdXq8OdCj5NPTprcxQnKQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 jquery.matchHeight-min.min.js Show response
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596778562/1654890063062/safeguard/js/plugins/ 3 KB
2 KB 74ms
65ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596778562/1654890063062/safeguard/js/plugins/jquery.matchHeight-min.min.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 504b90e7a694c8746c5b6172edbdcb92932825c37affc87e8f9f7798d1bfbaf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654890063511
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1474
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: 34A3K2XBKEXFKXJV
x-amz-id-2: G5ufZ07rtSBHxUJadMrY3Wfe1AdacSaPHIvTNYdgbq/vsDLTkH9wWSinzU1tzZSb3q4F9yPtSkY=
last-modified: Fri, 10 Jun 2022 19:41:04 GMT
server: cloudflare
etag: W/"96701976fe3b25b08e4e3d05c3ad461f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58J%2FdwJYkZHx8jbAZ%2FWWgw%2Fra0ByB8XZFaurqr3nKUevhy2qbZhzQivCMG%2Fr%2FlOlY%2Bor%2BGdp8qWIdmeP%2BC7WyqD5EgZuF8a%2FcWt5mNJ5VqFWcuWAyLaOG6l2wt4TwU%2Ffj0t4Ehtqu9NLE6n7LVleZ4HUdeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 1FJKpXyWi07g21o3VZrj7IZSAoOCO34M
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dcb6d8a9b2e-FRA
x-amz-cf-id: CVZPzxX-PWtXbVc7BTvfCA3RVG1oO5U6i8PaKl2rbglF3csnM5utQA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 custom.min.js Show response
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596793453/1654890063690/safeguard/js/ 2 KB
1 KB 104ms
95ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596793453/1654890063690/safeguard/js/custom.min.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0349fc77e6ab68a53259d00647270bc5e4271a4c9d3b1066971627275007f2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654890063925
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 b9d1b307966c2273bf97ed7c681603da.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1474
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: W57VZBH1Z94J52M5
x-amz-id-2: 53KM9kew0MnuEwlgDJaoHTcn9xLIvoR/y/5TXWcy5DQ7BlpwrJ3KcSHYUchJPRDh9hHyV216nv8=
last-modified: Fri, 10 Jun 2022 19:41:04 GMT
server: cloudflare
etag: W/"2778babdc424d906730eafafa19ecc08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwJI48PWI%2F8JtHvLNVY1CUGgi%2BWIXUwDwSuFHQpJwky%2FuA%2Bv8YcqgcDvErico86wUjq93zvFn5ZAwNd4T9RLWpaPxeVw9RHRj6zO1IfINmkme%2FeVv25MrYi9X4cjJJNp9f7sBbha0abpY0EoEmHpdAkCqeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 4UGIKsdtsCFXoAeX4GsN.dEKxU2sP4Gn
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dcb6d8b9b2e-FRA
x-amz-cf-id: zDZrXMQo2uEBKB1s7uonBvCSkctsxun8E6hlNOGVuT3zx0ijPI466Q==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 blog.min.js Show response
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43921196976/1654890060085/safeguard/js/ 909 B
1 KB 73ms
64ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43921196976/1654890060085/safeguard/js/blog.min.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e7b3c3c49c4f1afb12133a3bcb9e5fc541ce46e6bcfe0d536f3791915aeeffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654890060331
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 9557da2570df16242f84a67f254d7f30.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1474
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: X0MNDC5WGNV0JCQ1
x-amz-id-2: Mi4QUnH1R07iGj+Nane3z3nf599qJ3M2se//DsRb60RflmdwLvIfO7pdtk0OiQqGLbp1B/ECXDg=
last-modified: Fri, 10 Jun 2022 19:41:01 GMT
server: cloudflare
etag: W/"7b7c08cf65d8ae75325331fe46cab7cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmLJTCEiMOJ1did8nT%2BJylCnWRQGhR%2FlAGazcJjnBC3DjVYJgJzBNL292T0mHV1O2BeqoNKDaQqH4kKLemWrUYffTDZCTTzLWLOWWvEoajYBvU1myLMkulXtFBQzqXlcWWHRFSwTg9gic2al%2FCVAsIeNPPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 4R8i7.MSHCKY48.6ZTCpBHHPIc83958c
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dcb6d8c9b2e-FRA
x-amz-cf-id: fo_YMx3RyKnEns4mxCGqgPPvI2_fOeMyn3ckYIPC1-5D3fO6ioD77Q==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 3918364.js Show response
www.safeguardcyber.com/hs/scriptloader/ 2 KB
1 KB 115ms
108ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hs/scriptloader/3918364.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff049ea3e6d3eea94c61fc75b0bbd39a7e6414079df50c6e671df2e56265ae62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26
cf-polished: origSize=2435
cf-bgj: minify
x-hubspot-correlation-id: 5344f7dd-c405-46d2-a0a3-22d89351c055
last-modified: Wed, 22 Jun 2022 14:07:38 GMT
server: cloudflare
x-trace: 2B8D0B1D7A7A6EE58D4AE83738F421E07A469E5915000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4ETPn0yLQo10MuKH9Nct1COwywS%2F0BltksjXzriuhYyYNZyTivYd9ZsJZugbjRdGBozFXJivxQ6CYDlt9Wfpf6GRd8WuShNF4rwqnNlGZmXxzaMX4ehJKM8qc892t5MRl%2B6eCTTyb85vdJqK2D0sFO60kc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.safeguardcyber.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 71f58dcb6da09b2e-FRA
expires: Wed, 22 Jun 2022 14:09:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 300 KB
89 KB 185ms
59ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MZBTFWG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc36dd659141995849f00b3e7f855fb2c9d710ddf7faafa0559e61894270a2dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90640
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Jun 2022 14:08:04 GMT

GET
H2 200 v1.js Show response
static.userback.io/widget/ 465 KB
137 KB 56ms
11ms Script
application/javascript 108.157.4.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.userback.io/widget/v1.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-64.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5beb7bd460e9306ae1f1bc43a48860f99c6aa04b086c54c2d9da170e693ca44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:47:30 GMT
content-encoding: gzip
last-modified: Mon, 13 Jun 2022 00:08:42 GMT
server: AmazonS3
age: 69635
etag: W/"c3d17613c18a98c95146cf1fd7a35d4c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: e9EEoYjaH_jDe6XXnHaBT3i_ctZGb-YQ8EG9FRjpfgZrcunHz6MumQ==

GET
H2 200 SohneMono-Buch.woff
www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/fonts/ 21 KB
22 KB 69ms
68ms Font
application/font-woff 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/fonts/SohneMono-Buch.woff
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/custom.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6124da777db23e4e2c169d68f7b2eaed5e1deb23150ad500cbf508e3eec67156

Request headers

Referer: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/custom.min.css
Origin: https://www.safeguardcyber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-43939831570,FD-43939380226,P-3918364,FLS-ALL
age: 228352
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43939831570,FD-43939380226,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: H16NMPJ35NBGGBHF
etag: W/"4c1051868ad8e3735dab99be194bcc4f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1616774505638
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: none
x-amz-id-2: w/zSKVmZL2SAAagZ/SZRIl7YSmYhVSX5lg26pFAZM5E8108XZ1CFdwpPyu8frmVpo5uP69l5lH8=
last-modified: Fri, 26 Mar 2021 16:01:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgX8ZbK4nw5Q8kY2s0qzDYyhju9SSA3k8kvw7zkVZks2O7nDXn5NH3tIwD%2FR29Bj6VE1SZ03cpSkFfbX6wnHjnU1Jy6F64pT7W24A%2BD9uISomdxD7XJAM97VQfq685L5V20Y0LhtdLEd5ld62eg0PdLv5ZU%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: p3LECDnz5aeX0zf9G0HPtywehW1C_Y.u
cf-ray: 71f58dcb6da39b2e-FRA
x-amz-cf-id: 3lVU-y49XS1IEe0JyWoMJCV2QkMUOfesGQTHY8N7kPtOQmUnXyy_kQ==

GET
H2 200 cl3xevv6g2194309mmlti7mycv Show response
capture.navattic.com/ Frame 7317 3 KB
2 KB 147ms
58ms Document
text/html 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 391c4c9c63b5194ee228e4f009a1f14bd7dc09f10bf48b91223712bb0af81bc1

Request headers

Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *, authorization, content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-ray: 71f58dcc0afc9249-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 22 Jun 2022 14:08:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 banner-bg.png
www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/images/ 7 KB
8 KB 74ms
74ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/images/banner-bg.png
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c2b73c0ad0ace33f69a9ded36d32edbca560be0bb8b3c83c9c9a1399b56bed1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-43939831565,FD-43596932177,P-3918364,FLS-ALL
age: 36013
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43939831565,FD-43596932177,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: DCEWPBMDAM7X49K9
cf-bgj: imgq:85,h2pri
etag: "9615f06fa143745c86e3dd41aa6cffb7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1616774505526
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: status=format_not_supported
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: none
content-length: 6962
x-amz-id-2: cxeDYgYi8omNcF/G8OSfIsNrWH0stnpTAsVTaFt2sZjhaYi398J7g7URKD1IEBxoP3GrBLLZDqY=
last-modified: Fri, 26 Mar 2021 16:01:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9gVimI0QMbqBDi6rowcSM9uKBGzGSWV0VUy%2FMS0TMpLveKwrv4LAE%2FUupgnuSqXnF76lR%2FAb5sXPD2To7TcZMKgHKgNc%2B8g%2Fh%2FxH3Y29ttuLtUqveBX4pGe2%2ByQ31xOXw6CFjhtz8Kaeq09HU2eGPabqOA%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: WfeYiiH65tzdQTmAhB5Y07GI92wKYatL
accept-ranges: bytes
cf-ray: 71f58dcb8de39b2e-FRA
x-amz-cf-id: 7D_2MnEWc8f8f3HcSoJ5tyvBaaRkS_CIlo4M-vVmC3oEF2lbTXTmmw==

GET
DATA 200
OK truncated
/ 330 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4454e20b443e2b925f5fbc472f35647ff40589d9b1205196e4838697ebb7eb1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Multi-Channel%20Communication%20Attacks_blog%20banner.jpg
www.safeguardcyber.com/hubfs/ 24 KB
25 KB 69ms
65ms Image
image/webp 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeguardcyber.com/hubfs/Multi-Channel%20Communication%20Attacks_blog%20banner.jpg
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b247d7b224b52700794b571a2093e2d12158c5fa14711d60538444016642493d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-75697262103,P-3918364,FLS-ALL
age: 92
x-amz-server-side-encryption: AES256
edge-cache-tag: F-75697262103,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Multi-Channel%20Communication%20Attacks_blog%20banner.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: KGKCA7383EBN4VM3
cf-bgj: imgq:85,h2pri
etag: "dcc40fd884c80741d14e4a123a5b1fdc"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1654683857705
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=247572
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
content-length: 24688
x-amz-id-2: hErFQneU5W1dEKBwiVaD1NqaIvW8Tx0AlFYPHxe7p6i1fUUt4drnUMOj5uQupHrUuwS/0F1JoMk=
last-modified: Wed, 08 Jun 2022 10:24:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkVo0AtRRJujpSVJIstI%2FcfX%2BJJHHpIE4wz5J4FWIQe0hb19TVF8y8ZC8hcNJ0erMz9F9iYJiIxJ1LdjA%2BqA7%2Bec7x3HKUfezMEzc0oZAoTAyDF8XCjE2s7KKgRUUijLchAQQh5%2FI8GlIit9%2FYB3yp8%2FxU4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: GfQFNmTe4nJUr_RHWI7ehDANjQMGH2eK
accept-ranges: bytes
cf-ray: 71f58dcb9e039b2e-FRA
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-id: A8cf_VsNwZcFMUyuaLWix3AFkjIAH7-MSY6O1tEI3VskFSVhk0qbdA==

GET
H2 200 rectangle-5@2x.png
14515786.fs1.hubspotusercontent-na1.net/hubfs/14515786/ 195 KB
196 KB 182ms
95ms Image
image/png 2606:4700:4400::ac40:9ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://14515786.fs1.hubspotusercontent-na1.net/hubfs/14515786/rectangle-5@2x.png
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da28ec22af37d5c341ebf4f5797ccad43bb9ac59ed95432f9561bec882aceeda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-43102480742,P-14515786,FLS-ALL
age: 8192
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43102480742,P-14515786,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: QFDPN7KW8M0M7ZSK
etag: "7d8ae5fb1dd4db52b0e89c2c59b20a0b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1615800136958
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 5f0256b858eb482d76fb1e14a1b7a666.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: WAW50-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
content-length: 199292
x-amz-id-2: QdL8UmtFcp7MinvCi6UYjeZ5/As7iaF6fuAEjhUldr/xm5tE11px/QX3Vpzc9fwbaBHbQU/xEjo=
last-modified: Mon, 15 Mar 2021 09:22:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: Mbq4uD8Ezc80eFSyhMYvnRZCbRVvXNqn
accept-ranges: bytes
cf-ray: 71f58dcc193c912e-FRA
x-amz-cf-id: 9zDfXQJ9grgdOzCDAwoIGkhhsSOPYWd1QDo94rOV3Z6SlK1ryE8CmA==

GET
H2 200 plus-icon.svg
www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/images/ 713 B
1 KB 75ms
71ms Image
image/svg+xml 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/images/plus-icon.svg
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/custom.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ebe6cf0e76708be4faee0ff4b23f035d831e43512f6b6543b05158a97060d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-44522554677,FD-43596932177,P-3918364,FLS-ALL
age: 221129
x-amz-server-side-encryption: AES256
edge-cache-tag: F-44522554677,FD-43596932177,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: VBEHECHGM75H2HAX
etag: W/"9810146a780a545e24a86cf439a64547"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1617715435065
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 d2182626bf7a31d463bb4b9335724f24.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: none
x-amz-id-2: B4EIfPzSQZ41J18naz+w4KdFhm8TUIuyznCsJ5VwJIW9lIA4rqkCOfmYnWKUgOFgw5FfFM2Spdo=
last-modified: Tue, 06 Apr 2021 13:23:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XG9%2FD6g8B3EFFT1JTMcL71W1YeflAfweJ2CkPjotMdq59hLTa4jhNEgcbjIGkE1i%2F2AzZBhvwa84B2AE6nMB3zNwd12uwEbd%2F0KA1gwunIT0X9bX1HoQIqCgntIIbpafV91flNVRgKJhFB%2B1dn2k88iJL7w%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: MDOZsZBE2ye9xBoDsIz0S02Oe6gD8hBM
cf-ray: 71f58dcb9e059b2e-FRA
x-amz-cf-id: j7YZ8V97OBoB2d9l-AiU9WaIFonvepruz2tdPtZouZVKaCXsJDGYeg==

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25ecbead95bea9d78badcb52b16a272d22b492b8f96585cc3680a06cd4cc37f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 multi-channel-communication-attacks-demo
www.safeguardcyber.com/blog/security/ 71 KB
71 KB 78ms
76ms Image
text/html 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-powered-by: HubSpot
edge-cache-tag: CT-48763029526,CT-62082826551,CT-69454130840,CT-75696837232,CG-43923902643,P-3918364,CW-43595754150,CW-43595754153,CW-43595754156,CW-43596036378,CW-43596061791,CW-43596115471,E-43596036400,E-43596036401,E-43596036403,E-43596061795,E-43596115499,E-43596271684,E-43596778562,E-43596778563,E-43596793453,E-43596793455,E-43596899217,E-43919529854,E-43920370102,E-43921196976,MENU-43615149175,MENU-43656299588,MENU-43656299902,MENU-43656309362,MENU-43667234636,MENU-43667313233,MENU-43667316625,MENU-43667317875,MENU-43667346774,MENU-43667347014,RA-43919371816,RA-43920370083,RA-43920391827,RA-43939984135,RA-44210302130,PGS-ALL,SW-1,GC-43597287514,GC-43598134326,GC-43656298863,TS-43596036377
x-hs-combine-css: Disabled
x-hs-prerendered: Wed, 22 Jun 2022 03:40:31 GMT
x-hs-cf-cache-status: HIT
strict-transport-security: max-age=31536000
x-hs-content-id: 75696837232
referrer-policy: no-referrer-when-downgrade
x-hs-content-campaign-id: 8b2ba52a-69e5-42bb-ba82-9487bc0f18d7
x-hs-cache-control: s-maxage=14400, max-age=0
x-hs-hub-id: 3918364
last-modified: Wed, 22 Jun 2022 03:40:31 GMT
server: cloudflare
etag: W/"47c59db6bb597dd465b5c816b8d9450c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
content-type: text/html; charset=UTF-8
cache-control: s-maxage=14400, max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BQuoIMNcLQwBsb3NUAyfid1WbXdbOo6HjYDLImjRZr0UTt3eDAJWpXxE70MCBB9Bo3QaY%2BlW%2FTk1CgcZPyM7%2FsFMkf6tWmxLd5e8VXP7yY2HTMQJpnPS63Zr%2FZPpnj9lx6N6zpbyvlj0nrrSf5lFrA3kmc%3D"}],"group":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
cf-ray: 71f58dcb9e079b2e-FRA
link: </hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
cf-h2-pushed: </hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js>,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>,</_hcms/forms/v2.js>

GET
H2 200 SohneBreit-Halbfett.woff
www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/fonts/ 30 KB
30 KB 67ms
66ms Font
application/font-woff 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/fonts/SohneBreit-Halbfett.woff
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/custom.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 813ebf9c45665dffb61e9e34f50fc7734baf7d0f90d17b156bcf85aba779531c

Request headers

Referer: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/custom.min.css
Origin: https://www.safeguardcyber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-43939831568,FD-43939380226,P-3918364,FLS-ALL
age: 57498
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43939831568,FD-43939380226,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: N7YVRJ90V8E3QFFY
etag: W/"def8c73039738bf5db706bdac02ba747"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1616774505607
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 da38961a461b7c877fd77dd3469eb304.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: none
x-amz-id-2: 9XutKBJW8zcSmSohYpVJ6+a98NYDZceOAyiAbOUJIdpo/6lCx07Wlvt2dqCH+HVq4RwBKvuA/eI=
last-modified: Fri, 26 Mar 2021 16:01:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64HWbBIr1uID5L3HyZ2%2BbQuIiXQmbf%2BGLLB9rDmlUK05%2BSMT65akrGiPS4YwdLxrtzyAuq2VKcEj%2BAJXNxzXI7K54UscSNXwKX%2BseBi04Hl077E0pcHFgr80yO2BFYGwkNB44%2B%2FqIXpG9RkvniS7x%2BmKCI4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: g8AcyEyMRK1NUzus2GKSYika3pECT6.0
cf-ray: 71f58dcb9dfd9b2e-FRA
x-amz-cf-id: 3KdBKGygCoioUzokDIuSYMgmyNR1R9ktxmCF8IZlkvFvgPXSNFHg5Q==

GET
H2 200 SohneBreit-Leicht.woff
www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/fonts/ 29 KB
30 KB 74ms
73ms Font
application/font-woff 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/hubfs/raw_assets/public/safeguard/fonts/SohneBreit-Leicht.woff
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/custom.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4856e499bd2475985f743eca30f14d130060708ba01b48cece5803bb76d365b

Request headers

Referer: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/custom.min.css
Origin: https://www.safeguardcyber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-43939831569,FD-43939380226,P-3918364,FLS-ALL
age: 228352
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43939831569,FD-43939380226,P-3918364,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: QH13Z7ZTJB3Q4N0J
etag: W/"42076b9fd05ddfe4a6a335390199900f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1616774505607
date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: none
x-amz-id-2: LNkSWPr4oBhTqOoHKsvbwEutQRDHTO8zx/wrthnPPolNYm0pDplMgbF9u+nrVWZEyhObC6Fgdfs=
last-modified: Fri, 26 Mar 2021 16:01:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fY%2B95LhxsrZG5KhU7PaE1fMqQ5%2F72GYlz9DC%2FfToJSeOaqhZOgJxM77Z77S4JIAtitJ8iaCX8bXCP9BEzTCZu%2F8Gy8TxG%2Btc84IYjwZF4S41GwpMQ2i7M66IPJCneKfkdhn6S6Bd7zNfbuea1fE%2Bpr7%2F6U%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4IrFOtl_LvLhGMaoxDs5WVlSHRTb7eqc
cf-ray: 71f58dcb9dff9b2e-FRA
x-amz-cf-id: Msto3IRqhZ4xVhKz7WIcP0b38kh3Id2illjcUGiHfp7s6UrPQjKxRA==

GET
H2 200 json Show response
www.safeguardcyber.com/_hcms/forms//embed/v3/form/3918364/cb5c80e0-72aa-4216-b7ea-cb9dbf8ccb45/ 8 KB
3 KB 178ms
177ms XHR
application/json 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safeguardcyber.com/_hcms/forms//embed/v3/form/3918364/cb5c80e0-72aa-4216-b7ea-cb9dbf8ccb45/json?hutk=

Requested by

Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b565332fa03a1b4f9853bcb8f5cd7cbc61db6e9b2cb12ad265f26cb8f77125d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 8d7cca8b-451b-4df9-a36b-f549b1ed8bfa
cf-ray: 71f58dcd08989b2e-FRA
access-control-allow-methods: OPTIONS, GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
x-trace: 2B460EFE961F7055128387100536A0F64C055C62D7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CULpTEro%2FU5%2BdSjGMEW%2BQVgb5Pfx5XBZN%2FkCWG8zeC7QPsjlfo68HBIrFgcwgsI9aTe3AohUJHAOcTt%2BlKscuJHGx4eS28Gy6w5jUh42lUTVbzQytartG7bDDrQBVfuzll%2FGwkOFT3PBN669zGeZXhYrwAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 29ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49fbf4f218bb4866ab6daf8f233298eee909f8673f925ab1aee636b7d0b04191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: aJ4gnWBfPoD8ifXOyi14lw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: POwsyUYXtlSSjCaTHrWxdlq9V375OuI1P8W28AXjOee8r1uPzMIlL4Whrdl39nnOAuabfDYbnXhaBG1+bmNS+A==
x-fb-trip-id: 686109401
x-fb-content-md5: 1a4f186e59c80dbc59e18f40d20b34ae
x-frame-options: DENY
date: Wed, 22 Jun 2022 14:08:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0d971d52ec3dca8ece00d832263a87c5"
timing-allow-origin: *
expires: Wed, 22 Jun 2022 14:18:49 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 73ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 14:08:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 344
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29459
x-tw-cdn: VZ
Last-Modified: Thu, 02 Jun 2022 18:12:37 GMT
Server: ECS (frb/67F2)
Etag: "5d21dece96ce474f5f1ac122cbdef6eb+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 3918364.js Show response
js.hs-analytics.net/analytics/1655906700000/ 67 KB
21 KB 205ms
184ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1655906700000/3918364.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/hs/scriptloader/3918364.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51441fd93888a80b9ce201ffe124cef25f56ce700d6060528f60d067b952c462

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 61JDPGT9CDSQ96EE
x-amz-server-side-encryption: AES256
cf-ray: 71f58dcd39ccbb3d-FRA
x-amz-id-2: aOyconItuWW9/QR2Z7XueCMuyAwSn4lUEdxZqqTb4c5RUQ2oz6rR1dm7dyQaTiK9rChxPLAKzfE=
last-modified: Tue, 14 Jun 2022 15:12:40 GMT
server: cloudflare
etag: W/"933ce9686f20cdc9e8fe9d585fb52e94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 22 Jun 2022 14:13:04 GMT

GET
H2 200 3918364.js Show response
js.hs-banner.com/ 69 KB
18 KB 93ms
60ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3918364.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/hs/scriptloader/3918364.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4960edde631318c4df29ed9130f9523f00ecce1e6f38e90099c3fe8d8c69343

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 92
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: WGHF6V2DZRWJV5P2
x-amz-id-2: IJ3oMKGWf+A1sfjc9fYgVXjQAjCUjPQTLDtE+XnhzgMe+sri7Qd6FiJMjhCDGN1ekJxgwcfD0UY=
timing-allow-origin: *
last-modified: Fri, 03 Jun 2022 14:10:35 GMT
server: cloudflare
etag: W/"f58391cad5077c8bffee763fe6dcfedc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: jR0DjIBYR7S.x8KLEYwpEadmawpYIM0o
access-control-allow-origin: https://www.safeguardcyber.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 71f58dcd5a2f9156-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 22 Jun 2022 14:11:32 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 72 KB
21 KB 91ms
52ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/hs/scriptloader/3918364.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4e00320cfc724fde175314d7d9970ced29cc4967ec09288cc6291716e13209c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 4ee1745ee3cece0fab563f5a32ba165a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 245
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10231/bundles/project.js&cfRay=71f587cf9b909241-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 13 Jun 2022 04:26:28 UTC
server: cloudflare
etag: W/"d0b8bb93285841cdfb13313435e2d467"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: vc1SRxdlKcOgNfVcksJ2KUyWlsnYWj5h
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dcd687392b4-FRA
x-amz-cf-id: YFJmh6NhHyTF0ZRYIFsyVeTLdoDluZvPBa5BFoT494M4EEn84wnsKA==
x-hs-target-asset: conversations-embed/static-1.10231/bundles/project.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 547 KB
88 KB 90ms
55ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/hs/scriptloader/3918364.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd03eda5317d9d62243195e41b4b52d55640561480d2682fcf6daf9b90987434

Request headers

Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Origin: https://www.safeguardcyber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 26
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1092/bundle/main/lead-flows-release.js&cfRay=71f58d29c86a91ef-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 71f58dcd5a8991e9-FRA
last-modified: Tue, 14 Jun 2022 09:22:35 UTC
server: cloudflare
etag: W/"4d9060d46ded886725fdadd2918d8827"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: Ln2dBnu66WcBGVnZb6Z.xnR7vFzaf.57
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: ygPfA9dHmQ-GHwLYBy3vIc3ZgTMtv1jcKVj9G3Rn-_atLQWtc0Kb9A==
x-hs-target-asset: lead-flows-js/static-1.1092/bundle/main/lead-flows-release.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 62ms
27ms Script
application/javascript 2606:4700::6811:72b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/hs/scriptloader/3918364.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f77149b1beed108b3d3ad88b9170a8a27e1c6eedb0ed30c698492b4586372d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 0920aeb1eced22df07c9ece1cab0a554.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 495
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.280/bundles/pixels-release.js&cfRay=71f581b378335cb0-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 21 Jun 2022 12:07:02 UTC
server: cloudflare
etag: W/"b2851680cfd5ddf0808f77f92bc6969d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: LETuWsZMnftQGCDTSmAdJHQ8_upu6cZ6
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 71f58dcd59279b2e-FRA
x-amz-cf-id: X-GkdVI_iVvtlW56VzBPpI-QR2Wyu2dFo9uHDhhSvqkbGyEx_44G9w==
x-hs-target-asset: adsscriptloaderstatic/static-1.280/bundles/pixels-release.js

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
352 B 193ms
172ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=3918364&callback=jsonpHandler

Requested by

Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: 873594b3-8aae-43d1-82c3-b6f6cf7d44bb
x-trace: 2B85E3170AA36D3977CB1B8551CD42EB54F366C8DA000000000000000000
date: Wed, 22 Jun 2022 14:08:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
cf-cache-status: DYNAMIC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=71f58dcd3b4c68fe&resource=unknown"}]}
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 71f58dcd3b4c68fe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 404 ajax-loader.gif
www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/ 102 B
102 B 66ms
65ms Image
text/html 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/ajax-loader.gif
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/custom.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b06e4f9701667cbfb2c27b4955dfb26ad87cf2d410df01289c744f17a1a0257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
via: 1.1 a7a1b4c19abc42d237405ce4c4069f10.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 91
cf-ray: 71f58dcd38f29b2e-FRA
x-cache: Error from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
last-modified: Tue, 19 Feb 2019 20:12:00 GMT
server: cloudflare
etag: W/"f6e4b6cdb45684ca8239a8161901d7ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Lsh%2FVTmM54Yi5OJLTBUiRwA9HduGsxAW%2F%2BwMDKxYkQUng1t%2FyEgUpSqMn29xl1nMTabjDUsaFUhl%2BHAxEYzuj2NqJ2Reuy%2BFC5EKXG%2B29fHIBraoR7ZxKXef3d3qoluozHdIoyWYxe7e5QRcMEfqZczZ4g%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: oQ5g.LoAEFK3mdk3M1pWALQQ6oLrzuy3
cache-control: s-maxage=300, max-age=600
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-P1
content-type: text/html; charset=utf-8
x-amz-cf-id: VSz654iBLXfScejF3ojQPsV3YlA2k67wE_XYz4G807vxdrH5TqUvNw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

POST
H2 200 / Show response
api.userback.io/ 3 KB
2 KB 320ms
113ms XHR
application/json 3.224.13.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userback.io/?loadWidgetConfig
Requested by: Host: static.userback.io
URL: https://static.userback.io/widget/v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.13.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-13-60.compute-1.amazonaws.com
Software: nginx/1.20.0 / PHP/7.4.21
Resource Hash: ae29de83c0fd25dc8219094b08dea9412c4ad792c019409976baa57f659edff2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: gzip
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 navattic.js Show response
js.navattic.com/ Frame 7317 669 KB
218 KB 172ms
159ms Script
text/javascript 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.navattic.com/navattic.js
Requested by: Host: capture.navattic.com
URL: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 064658b1712e7d525359709b3ce29ebdeb8f1a51d90f2b527415366eaec6acaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cf-ray: 71f58dcd6d909249-FRA
access-control-allow-headers: *

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 4 KB
2 KB 220ms
178ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo&pageId=75696837232&pid=3918364&sv=cta-embed-js-static-1.79&rdy=1&cos=1&df=t&pg=f37a8d36-84b5-4cf5-ab85-f513b19d24d8

Requested by

Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/hs/cta/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dce6e7313e88786783ba4310d9dd266491a16a7a9502217ecee5e336008409d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-hublet: na1
date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 830ee615-0ad8-4fdd-a564-a37e882c5627
access-control-allow-methods: OPTIONS, GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: noindex, follow
server: cloudflare
x-trace: 2BE3F3F2009698A941F0B8622228357309D3E734F4000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pOkGvP4bJWMzrdtgJQuTZi8BE2%2FxS70emBJ0%2B9avVwpLYXJlRjvjkCqjrf8glrGiWhSkHm%2FWaK7QUfwo5c33RoNLJ5U1Ifl8zVf1yxaashUKe3LlT%2BzOayMteokGccy46n%2BE%2FYnNuI%2FTQ3MXeLQ27Iiz%2BQo3MwD4uA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.safeguardcyber.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 71f58dcdbc4668fe-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 136ms
40ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZBTFWG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4737
date: Wed, 22 Jun 2022 12:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 22 Jun 2022 14:49:07 GMT

GET
H2 200 hotjar-1099436.js Show response
static.hotjar.com/c/ 4 KB
2 KB 56ms
18ms Script
application/javascript 143.204.89.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1099436.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZBTFWG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-100.fra50.r.cloudfront.net

Software

Resource Hash

c8b7f279a0d4d893b4b8ebd5d1081e28ea309ff76643d5a6817d87ea12664b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 26
etag: W/0c9bcc7d0a735b905aceb2c268d5eb4c
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: iGb8Vz-mxDy-dKtjVaJyo79e3tGsMl4TNjPYhD2YCXpEU9ARBl19uw==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 61ms
11ms Script
application/x-javascript 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZBTFWG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 662
Date: Wed, 22 Jun 2022 14:08:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
X-EdgeConnect-MidMile-RTT: 0
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=81826
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 55 KB
15 KB 162ms
8ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZBTFWG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:35 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kcgs7200162-IAD, cache-hhn11544-HHN

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 156ms
55ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZBTFWG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 6069194915506431635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 14:08:04 GMT

GET
H2 200 hotjar-1932619.js Show response
static.hotjar.com/c/ 4 KB
2 KB 48ms
15ms Script
application/javascript 143.204.89.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1932619.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZBTFWG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-100.fra50.r.cloudfront.net

Software

Resource Hash

1a59686e4bcb32dd11b466a10fed58b7f1a567f9e7973f05fc0f3fc279a19775

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 26
etag: W/ef25c4f0797e7e7dd983cb9ea10821af
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: pTcExomrVhEzeQ-b4lRA4mpskeVGw44K695gb8ceWjXND8rq1ZDZLA==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
26 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: ERhRT+EWCMi4gUCtmtaciOUUVThe8Zb5oiOpJP3pcQ4ws7/aHJeRmhV/fsBoc72cUnsDjZqVOQ9SDwwdEXKfJQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Jun 2022 14:08:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 83ms
31ms Script
application/javascript 104.89.35.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.89.35.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-35-64.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 14:08:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 9715
Pragma: no-cache
Last-Modified: Thu, 05 May 2022 03:45:17 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6273484d-7b02"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 22 Jun 2022 14:08:04 GMT

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 83ms
27ms Script
application/javascript 23.111.9.64
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://scout-cdn.salesloft.com/sl.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.64 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: NetDNA-cache/2.2
x-amz-request-id: YGF6H5G0SHQAN438
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
x-cache: HIT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
content-type: application/javascript
x-amz-id-2: rSauwh23iA5aC1WSEjra+DmAqHPjIapnELUWMdHEg19/tj96pmD5Yl4kTbbYKfyuftVAT9iGSHw=

GET
H2 200 d4e7isniz9na.js Show response
js.driftt.com/include/1655907000000/ 210 KB
60 KB 188ms
133ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1655907000000/d4e7isniz9na.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7ce39788e0d5748b7aae96377e74954f63bad1a7468b3db5505bf0937b85e288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: rOG3SE0qL8NYavRP7w8qRZc8o2Xt3kcx
content-encoding: gzip
etag: W/"aa5cd23a2ead9b56133b281532aaa424"
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 15:46:18 GMT
server: nginx
date: Wed, 22 Jun 2022 14:08:04 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G9umAagQVHv0mpnH_qPHVqwZFPBkOhd_HRo4bMleXPvXdoHxU-24Jw==

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 596 KB
111 KB 62ms
6ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZBTFWG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b91df6642e094335a86d1ec981f362294b3635a6f5b53e89d044fb6957f8fb50

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: br
vary: Accept-Encoding
age: 192
x-cache: HIT, HIT
content-length: 112775
x-served-by: cache-iad-kjyo7100078-IAD, cache-hhn4023-HHN
access-control-allow-origin: *
x-browser-version: 103
last-modified: Tue, 21 Jun 2022 12:21:55 GMT
x-timer: S1655906885.875171,VS0,VE0
etag: "62b1b7e3-1b887"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 44

GET
H2 200 lftracker_v1_p1e024BOd1paGB6d.js Show response
sc.lfeeder.com/ 29 KB
10 KB 126ms
31ms Script
application/javascript 2600:9000:2315:9000:1f:f723:6fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_p1e024BOd1paGB6d.js
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:9000:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95071237376cf303c5753fcc2f7118f5a286fb147a0a6d676608b1a435a64885

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: RKLW2rZgQ9TewIk5bVzlD_Z5fAqs015M
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 10:20:48 GMT
server: AmazonS3
age: 3507
etag: W/"23936fefd6935bbd0f0aecf884306c54"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Wed, 22 Jun 2022 13:09:37 GMT
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: NQgI82zihneSyC6fi2crbg2FYqWzpAPtOCOj4TLUSQDNbOggw7Ob-Q==

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 48ms
30ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=f50901356f8d63c87b7262458578cf00

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

823d8549a4f721389b1f6745933ea74706228a932cc737c9c0f7e9d1a87b73ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Origin: https://www.safeguardcyber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: g14toYD/1Flujnl9e8sceA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87362
x-fb-rlafr: 0
x-fb-debug: h3eC1dKcfZg9GrOGiagmubZfUD1N/HbWAYspTNh7mQbLQ+NkDFj8IkVGLVVsYVv9j+imEu5GQb/5nAfyhnKK1A==
x-fb-content-md5: febf112aa93db18e3a86c738d4000558
x-frame-options: DENY
date: Wed, 22 Jun 2022 14:08:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "4437485cbb152d0a6066f730f524f74a"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Jun 2023 11:24:03 GMT

POST
H2 200 / Show response
api.userback.io/ 3 KB
2 KB 206ms
124ms XHR
application/json 3.224.13.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userback.io/?loadWidgetConfig
Requested by: Host: static.userback.io
URL: https://static.userback.io/widget/v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.13.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-13-60.compute-1.amazonaws.com
Software: nginx/1.20.0 / PHP/7.4.28
Resource Hash: ae29de83c0fd25dc8219094b08dea9412c4ad792c019409976baa57f659edff2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: gzip
server: nginx/1.20.0
x-powered-by: PHP/7.4.28
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html Show response
platform.twitter.com/widgets/ Frame B762 319 KB
104 KB 23ms
20ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.safeguardcyber.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1370374
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Wed, 22 Jun 2022 14:08:04 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Jun 2022 18:01:40 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6776)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 widget Show response
www.safeguardcyber.com/_hcms/livechat/ 3 KB
4 KB 253ms
253ms XHR
application/json 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safeguardcyber.com/_hcms/livechat/widget?portalId=3918364&conversations-embed=static-1.10231&mobile=false&messagesUtk=82440822b1b6496d816c9c2634b9d3c0&traceId=82440822b1b6496d816c9c2634b9d3c0

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fef09d35d8f0d5490b3c28723e0f1f01d59569f345a985402d387ead2367e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9ba83e97-7e17-4c46-9f9d-984ef7eca3d3
server: cloudflare
x-trace: 2B727C407D0A78D79E81E532DCC8902BD95126288F000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jExHPoerkyndSMtR%2Fzvx%2Bl%2BXvlw8XxkM69PlB%2FGfOGwrLgLKBe1A%2B5sYiu1GJKAPDYNEQ4%2BZTGG5yKSWg7yaKXZ0zv%2Bs7I2Ul0dUAHBakXoUg5LTQGtW7zLaIWspbpAUPaolbKETkZdf23PeR7CLXj%2FKJFY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 71f58dce5b5c9b2e-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H3 200 2799162580116363 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 60ms
59ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2799162580116363?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d40e5944606d67b7ef70261aa7c29ba451cacd8e33c468f5aabfa7024c70f42f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: S+Tb5p3n09EJfcRse9e7wq9YLCG7sEw/AEdMEd81Bm964G4KSLGTxJto2lY14cLJz/tiufNu8ppG35+20W3SvA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 22 Jun 2022 14:08:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655906884964
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145fb3d328d872c3dfe331ddfceb910532ad19f205c4593f2560c9e8d1a14c69

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 modules.b871a939666125f20d79.js Show response
script.hotjar.com/ 243 KB
63 KB 45ms
11ms Script
application/javascript 143.204.89.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b871a939666125f20d79.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1932619.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-6.fra50.r.cloudfront.net

Software

Resource Hash

e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 08:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1142158
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64109
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 08:51:29 GMT
etag: "a7a5f230aae7accf37f785c6590c07fa"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: tb648l33xHC6NlN5wlC9lRUvCzGy88MFF2wmvLGBIJKVBTzO3LwKpg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=393866&time=1655906884961&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fsbrc%3D14qHHKDkq...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D393866%26time%3D1655906884961%26url%3Dhttps%253A%252F%252Fwww.safeguardcyber.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=393866&time=1655906884961&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fsbrc%3D14qHHKDkq...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=393866&time=1655906884961&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fsbrc%3D14qHHKDk...

0
264 B

237ms
197ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=393866&time=1655906884961&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fsbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D%26d_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0&liSync=true&e_ipv6=AQKrEcwjTKql9wAAAYGLveCbYuLS0EI4m2KB10iuzt6m10g11Nkp4PnGnd5v79feL1EAphku
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 91572122D83643838DBB58FFB9CE1E1B Ref B: FRAEDGE1410 Ref C: 2022-06-22T14:08:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXiCd245vbnnVXIapRvbQ==
x-li-fabric: prod-ltx1

Redirect headers

date: Wed, 22 Jun 2022 14:08:05 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: BC6C7C4BC8354C6D9BF0799D9A3273A2 Ref B: VIEEDGE1720 Ref C: 2022-06-22T14:08:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=393866&time=1655906884961&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fsbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D%26d_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0&liSync=true&e_ipv6=AQKrEcwjTKql9wAAAYGLveCbYuLS0EI4m2KB10iuzt6m10g11Nkp4PnGnd5v79feL1EAphku
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXiCd21K48t1OdAR4Z8kg==

GET
H2 200 cta-loaded.js Show response
www.safeguardcyber.com/hs/cta/ctas/v2/public/cs/ 0
683 B 180ms
180ms Script
text/plain 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.safeguardcyber.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3918364&pg=f37a8d36-84b5-4cf5-ab85-f513b19d24d8&lt=1655906884401&dt=1655906884403&at=1655906884978&an=1

Requested by

Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/hs/cta/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-hublet: na1
date: Wed, 22 Jun 2022 14:08:05 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 569ee2d4-23f1-40a3-a2d6-298697fc0732
cf-ray: 71f58dcf2cb19b2e-FRA
last-modified: Wed, 22 Jun 2022 14:08:05 GMT
server: cloudflare
x-trace: 2BB46623CBD28081D7E24AC0B0280388385D319B8F000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hno85h%2BmPRM9%2BmqL4TN4BFZfzzc%2BZbsB4CyqyRyJ%2BbjA7%2BSAiKLrcQ2pNVWkXfqDDCLJTfANjab6%2Fw%2Fvm6Dgk5daCbE%2Fgq8tFjMj8J0wsLuxmC2QVSsKLl%2FSNTMiIaFjEq38N%2FnGghNqfqDRVtWK%2Bd81l34%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, follow

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
544 B 335ms
142ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: ac1c1581-e8ae-4087-9a63-22fe4d2a485a
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
x-robots-tag: none
last-modified: Wed, 22 Jun 2022 14:08:05 GMT
server: cloudflare
x-trace: 2BC5BDF737218878E574504E750DCA619E24BC7526000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 71f58dd05e279256-FRA

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
171 B 343ms
150ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: 8c5ca3f4-117e-48d3-820e-65dfa5d7e550
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
x-robots-tag: none
last-modified: Wed, 22 Jun 2022 14:08:05 GMT
server: cloudflare
x-trace: 2B635479220D6B53727775596783C3792959C00727000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 71f58dd06e2f9256-FRA

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
408 B 340ms
104ms XHR
application/json 34.197.6.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDI1Mjd9.M0vLhUf0dMmGZrO6fIII5qiCJ5HD5STm13dn6qMaYm0

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.197.6.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-6-88.compute-1.amazonaws.com

Software

Resource Hash

aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.safeguardcyber.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 4b477c1e8c743d31d5188dbf61768ba9

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
712 B 203ms
17ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Jun 2022 14:08:05 GMT
X-Proxy-Origin: 185.213.155.177; 185.213.155.177; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f97dacbf-f18d-4ae8-a38a-51393730e0b4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.safeguardcyber.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
378 B 196ms
7ms XHR
text/plain 104.89.35.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.35.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-35-64.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dab25691c4b0defa1e1a2463788727826ae3c1ecc8d803a907a866aa423d21e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 14:08:05 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.safeguardcyber.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
260 B 196ms
8ms XHR
text/html 2a02:26f0:6c00:294::1c91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1c91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c6670ba74f4332547bf31bf9937a31573a81a16e7f1ccc10b8d7c86ff5ce6e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 14:08:05 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.safeguardcyber.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a03:1b20:6:f011::7e
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 20
expires: Wed, 22 Jun 2022 14:08:05 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame B762 397 B
495 B 288ms
120ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=8564b5d6e9bc06f687f2a5ac9a8949a4e68f2237

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.safeguardcyber.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

e6bf2010a4fb62b2cb19950e627af8234276151995216a2ad24e70278e4b762b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 113
date: Wed, 22 Jun 2022 14:08:04 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 14:08:05 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 5a1da5ae0d07dc156d4768be2470d9a7bef00297433fd629a7a5bd2d6f71cbe4
content-length: 215

GET
H2 200 flow.json Show response
js.navattic.com/v/ Frame 7317 24 B
285 B 88ms
54ms XHR
text/javascript 2606:4700::6812:163c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.navattic.com/v/flow.json?t=1655906885262
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:163c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b163c4c04736449f60c7094be0198e89aa4694e7d1e02ad2f9180719c4244be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cf-ray: 71f58dd12bbc6907-FRA
access-control-allow-headers: *
content-length: 24

GET
H2 200 v1.css
static.userback.io/widget/ 92 KB
12 KB 9ms
9ms Stylesheet
text/css 108.157.4.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.userback.io/widget/v1.css
Requested by: Host: static.userback.io
URL: https://static.userback.io/widget/v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-64.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f495e5937d0495eefc0951070a96dc7b10d4d96d7f436afc994f17dbd54cc58b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 21:19:04 GMT
content-encoding: gzip
last-modified: Mon, 13 Jun 2022 00:08:42 GMT
server: AmazonS3
age: 60544
etag: W/"128e60b86505e99945a26fc5f67c9a3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: n562ossEusAVC_EsNO8ar13qXAhqfHpNP0QDA8rRlyiAAmxnpuCABg==

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame 40A0 2 KB
1 KB 50ms
10ms Document
text/html 143.204.89.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1932619.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-34.fra50.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1924439
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-amz-cf-id: 4C9Z3gO70YwWZu6mV-NZHXToMj1Rs4n8L4qyLGV-KS1PZXWhIZQTiw==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 118ms
44ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2065510042&t=pageview&_s=1&dl=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&ul=en-us&de=UTF-8&dt=Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=646268097&gjid=243345830&cid=255879153.1655906885&tid=UA-59152664-1&_gid=957898460.1655906885&_r=1&gtm=2wg6f0MZBTFWG&z=1922359693

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 14:08:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.safeguardcyber.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 106ms
37ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2065510042&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&ul=en-us&de=UTF-8&dt=Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=call%20to%20action&ea=%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo&el=nav%20request%20a%20demo%20visible&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=255879153.1655906885&tid=UA-59152664-1&_gid=957898460.1655906885&gtm=2wg6f0MZBTFWG&z=91557123

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 10:12:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14155
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/958111093/ 3 KB
2 KB 184ms
66ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/958111093/?random=1655906885366&cv=9&fst=1655906885366&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&tiba=Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17367d8397823e82fac346190d81863e8e24915e163798068d0d7a8fe615463c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 14:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1172
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/958111093/ 3 KB
1 KB 184ms
69ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/958111093/?random=1655906885369&cv=9&fst=1655906885369&num=1&label=GmojCP-e_rABEPW67sgD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&tiba=Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab86529a9f83ae1145d4b8ce77a11c2c6a514c3cb0652c33bd30c5dd1d8aa78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 14:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1224
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
337 B 137ms
115ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=a5ecbf20-90e6-4316-9033-bdede0d90873&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=7197df5a-80e8-486b-94b4-da79a26a052d&tw_document_href=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nznod&type=javascript&version=2.4.12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 22 Jun 2022 14:08:04 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: a3da1ba4d90b006292b45d920bc546d1b514b1cce686215e423f3d522ed8ec86
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
353 B 144ms
123ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a5ecbf20-90e6-4316-9033-bdede0d90873&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=7197df5a-80e8-486b-94b4-da79a26a052d&tw_document_href=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nznod&type=javascript&version=2.4.12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 116
date: Wed, 22 Jun 2022 14:08:05 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 188beac943331656cf06c77e9e1f2ea645771be8139ed39802e469dfaf6a9b24
content-length: 43

GET
H3 200 82440822b1b6496d816c9c2634b9d3c0 Show response
app.hubspot.com/conversations-visitor/3918364/threads/utk/ Frame 17B9 48 KB
18 KB 174ms
159ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/3918364/threads/utk/82440822b1b6496d816c9c2634b9d3c0?uuid=49bca8ef47dd4a3caf88bc02f428de8d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=safeguardcyber.com&inApp53=false&messagesUtk=82440822b1b6496d816c9c2634b9d3c0&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5231f1e0b0def788f7f6e7520f05c30603ebe4566b5d37e4d8d1b29dba37c971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 2200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 71f58dd1d8826946-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.12684/html/index.html&cfRay=71f58dd1d8826946&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F3918364%2Fthreads%2Futk%2F82440822b1b6496d816c9c2634b9d3c0%3Fuuid%3D49bca8ef47dd4a3caf88bc02f428de8d%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dsafeguardcyber.com%26inApp53%3Dfalse%26messagesUtk%3D82440822b1b6496d816c9c2634b9d3c0%26url%3Dhttps%253A%252F%252Fwww.safeguardcyber.com%252Fblog%252Fsecurity%252Fmulti-channel-communication-attacks-demo%253Fd_utk%253D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%2526sbrc%253D14qHHKDkqNoJ7OWQ3pg1iLw%25253D%25253D%252524ma1Al8vjwFt3-Lk4C2ZpmA%25253D%25253D%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dtrue&referrer=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&cfenv=prod&pdt=2022-06-22&csp=ro
content-type: text/html; charset=utf-8
date: Wed, 22 Jun 2022 14:08:05 GMT
etag: W/"fa89812b4fd8ee9b1d31e95dc7ddb97b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 13 Jun 2022 04:26:28 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=71f58dd1d8826946&resource=conversations-visitor-ui/static-1.12684/html/index.html"}]}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-id: D-cWPsuSVoctX8_2R9pmebsbvLUKu8E0F-gyhvceSMuX_9FfYZ9x3Q==
x-amz-cf-pop: IAD89-P1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: SpHhJJTjuGegOCI.nTrtfgd.iKd5rB_V
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.12684/html/index.html
x-hs-worker-debug-mode: false

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 377ms
351ms Image
image/gif 104.89.35.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=97ab940f5e06321b3849e8cf22100b74&svisitor=5de17b5ca42100004422b36235030000c4870700&session=835653ed-bdeb-4e6a-8842-a6ea4aa62f47&event=ipv6&q=%7B%22address%22%3A%222a03%3A1b20%3A6%3Af011%3A%3A7e%22%7D&isIframe=false&m=%7B%22description%22%3A%22Multi-channel%20communication%20attacks%20are%20increasingly%20common%20among%20threat%20actors%20%26%20cybercriminals.%20Learn%20how%20these%20attacks%20exploit%20the%20modern%20communication%20ecosystem.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&pageViewId=23ba900c-505b-46b3-8f86-06cc7386d7ec

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.89.35.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-35-64.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 14:08:05 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 711ms
335ms Image
image/gif 104.89.35.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=97ab940f5e06321b3849e8cf22100b74&svisitor=5de17b5ca42100004422b36235030000c4870700&session=835653ed-bdeb-4e6a-8842-a6ea4aa62f47&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A04%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Multi-channel%20communication%20attacks%20are%20increasingly%20common%20among%20threat%20actors%20%26%20cybercriminals.%20Learn%20how%20these%20attacks%20exploit%20the%20modern%20communication%20ecosystem.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&pageViewId=23ba900c-505b-46b3-8f86-06cc7386d7ec&an_uid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.89.35.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-35-64.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 14:08:06 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 cl3xevv6g2194309mmlti7mycv Show response
app.navattic.com/api/project/ Frame 7317 16 KB
4 KB 321ms
234ms Fetch
application/json 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.navattic.com/api/project/cl3xevv6g2194309mmlti7mycv

Requested by

Host: js.navattic.com
URL: https://js.navattic.com/navattic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

63f9cdaf58f10d84fdda991f8d42fec97819071575bbcb43a1ed324098ec5838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: on
date: Wed, 22 Jun 2022 14:08:05 GMT
x-vercel-cache: MISS
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: Vercel
cross-origin-opener-policy: deny
x-matched-path: /api/project/[id]
etag: W/"3eef-fQfgmh3aeV+jaK2nKxSSfbgoItE"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
x-vercel-id: fra1::iad1::w7ls5-1655906885522-f70067d733df

GET
H2 200 /
tr.lfeeder.com/ 43 B
293 B 85ms
45ms Image
image/gif 143.204.89.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=p1e024BOd1paGB6d&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTU5MTUyNjY0LTEiXSwiZ2FDbGllbnRJZHMiOlsiMjU1ODc5MTUzLjE2NTU5MDY4ODUiXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi40OS4xIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy5zYWZlZ3VhcmRjeWJlci5jb20vYmxvZy9zZWN1cml0eS9tdWx0aS1jaGFubmVsLWNvbW11bmljYXRpb24tYXR0YWNrcy1kZW1vP2RfdXRrPTVkZmU2ZjZmLTIyMmUtNGE0Ni1hYzFjLWY2MjdlODQyODBlMCZzYnJjPTE0cUhIS0RrcU5vSjdPV1EzcGcxaUx3JTNEJTNEJTI0bWExQWw4dmp3RnQzLUxrNEMyWnBtQSUzRCUzRCIsInBhZ2VUaXRsZSI6Ik11bHRpLUNoYW5uZWwgQ29tbXVuaWNhdGlvbiBBdHRhY2tzOiBBIERlbW9uc3RyYXRpb24gfCBCbG9nIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJhNDA4YzNkYjJiM2VmZTYwIiwic2NyaXB0SWQiOiJwMWUwMjRCT2QxcGFHQjZkIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS44ZmZkMmE3NDc5MTkwN2YxLjE2NTU5MDY4ODU0MzciLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-106.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: l9yjM7wRUyv0RTO2L1mrQlNxUlPw2pHPg_M-nSj9e7d3Trz_N_ppGw==

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
516 B 103ms
103ms XHR
application/json 34.197.6.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.197.6.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-6-88.compute-1.amazonaws.com

Software

Resource Hash

ccebb547f73db441e2228d1363e3ffed3aad41704c11c95052ea53999c2097b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.safeguardcyber.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: b67e8162c3856d6717c3e41238e4ed69

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 134ms
45ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Requested by

Host: static.userback.io
URL: https://static.userback.io/widget/v1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e44d592889d9f5915ae6254f0a68a71196a5bc2540db9620b81effd976eba5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.userback.io/widget/v1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 12:39:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Jun 2022 14:08:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Jun 2022 14:08:05 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 71ms
20ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2799162580116363&ev=PageView&dl=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&rl=&if=false&ts=1655906885489&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1655906885487.906706241&it=1655906884909&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 22 Jun 2022 14:08:05 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-59152664-1&cid=255879153.1655906885&jid=646268097&gjid=243345830&_gid=957898460.1655906885&_u=YEBAAEAAAAAAAC~&z=329295479

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 22 Jun 2022 14:08:05 GMT
content-type: text/plain
access-control-allow-origin: https://www.safeguardcyber.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s
scout.us2.salesloft.com/ 42 B
357 B 338ms
100ms Image
image/gif 52.202.60.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scout.us2.salesloft.com/s?type=landed&hitId=491451489&rand=967324238&monitorResolution=1600x1200&viewportResolution=1600x1200&pageTitle=Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&sessionCount=1&hasWS=true&time=578&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&sli=14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&guid=d8b9f36f-b3f8-4f7d-a50d-9649f22f7201&tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDI1Mjd9.M0vLhUf0dMmGZrO6fIII5qiCJ5HD5STm13dn6qMaYm0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.202.60.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-60-40.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 42
x-request-id: 9ee1d58492ea8fa99d8f5660bae59f2b

GET
H2 200 /
www.google.com/pagead/1p-user-list/958111093/ 42 B
108 B 226ms
63ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958111093/?random=1655906885366&cv=9&fst=1655906400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&tiba=Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog&async=1&fmt=3&is_vtc=1&random=609520995&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 14:08:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/958111093/ 42 B
548 B 173ms
49ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/958111093/?random=1655906885366&cv=9&fst=1655906400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&tiba=Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog&async=1&fmt=3&is_vtc=1&random=609520995&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 14:08:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/958111093/ 42 B
548 B 224ms
62ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958111093/?random=1655906885369&cv=9&fst=1655906400000&num=1&label=GmojCP-e_rABEPW67sgD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&tiba=Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog&async=1&fmt=3&is_vtc=1&random=2878146775&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 14:08:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/958111093/ 42 B
108 B 175ms
51ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/958111093/?random=1655906885369&cv=9&fst=1655906400000&num=1&label=GmojCP-e_rABEPW67sgD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&tiba=Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog&async=1&fmt=3&is_vtc=1&random=2878146775&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 14:08:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1932619/ 147 B
323 B 145ms
32ms XHR
application/json 34.253.52.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1932619/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b871a939666125f20d79.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.52.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-52-76.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.213/ Frame 17B9 44 KB
16 KB 70ms
44ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.213/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/3918364/threads/utk/82440822b1b6496d816c9c2634b9d3c0?uuid=49bca8ef47dd4a3caf88bc02f428de8d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=safeguardcyber.com&inApp53=false&messagesUtk=82440822b1b6496d816c9c2634b9d3c0&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67e83360c1899059ca090a581bff375f4061dbfb87373cb97cfcd7f9171a480e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 669411
x-amz-server-side-encryption: AES256
cf-ray: 71f58dd32df85b4a-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 14:06:27 GMT
server: cloudflare
etag: W/"be8e05e1f26cd3b649ade425f7b669e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkGTzytaKJHFCOKy4EySrMcw0G5sOuo4xxyGZrGPG8%2Bet2rcg3Rg9anjrTVOtKMXx8fswEUbBA04qYVi2MAQULxK6ckF7ptbC4xjvrlW6lLqIn8Dvl94400bJTxRKP1DIXbEHTd6PIbvf1LuTdmGAAcXPFo%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: oRECgMYrXUZy0onk7voirehZ8Cymfuh0
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: sahi5_MJXZ908Dq30iKkg5FffPUW-JFokPCY35A-ND_14kpy9ridlg==
expires: Thu, 22 Jun 2023 14:08:05 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame 17B9 20 KB
5 KB 88ms
63ms Stylesheet
text/css 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 122991
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCZg9CWJjKQQNHpmqdJGutlLmiyOMHG6z2Y3uz3hwp%2BeBXqwTH2%2BgCjutblyGtUGJmH0pL5OLzmmS7CGtmyaWxYlLJjDLy8m1v%2BAJ%2BZ3i%2B4LFNdktjg%2FARSQCbK30Y92w3vwTHaERedpf6Rxlap8GyWydUs%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
cache-control: public, max-age=31536000
x-amz-cf-pop: TXL50-P4
cf-ray: 71f58dd32d9bbb37-FRA
x-amz-cf-id: 7AYeUxQTIFCCkt57hqQElhi5UtUSAZYymewuhJeISP4_kTKWsNJafA==
expires: Thu, 22 Jun 2023 14:08:05 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.273/ Frame 17B9 289 KB
92 KB 86ms
61ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.273/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c915981d02126dd2411cee65149bdb68f092299f9c1633be286847e6d72aaf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1052310
x-amz-server-side-encryption: AES256
cf-ray: 71f58dd32df95b4a-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Jun 2022 20:12:51 GMT
server: cloudflare
etag: W/"7f1f4cf071fe807a6e3cb1c0e9606132"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DyZIs5Y2gPSZHEJ%2FzbMuDEWmv7%2BYAJZGNHWf1leNQCZQEsmzEeJUzgiyhbOif9YOrt9Hy49mdoM1njAovwBzQeZPhlefySjeGm4r3wljiReuun3g6m3MUEmaBwUxUUr2y7cLnULs9QCvVfVOEzkOnzTRL0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: KzPlPnaGfC2KvqH_C2ydD6oOPrLTHXIr
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: aVESu4AT7FOWjfvk6sLUEDoIIDj_hL6z8fAxcAcfp8NBxzLcEChuDQ==
expires: Thu, 22 Jun 2023 14:08:05 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12684/bundles/ Frame 17B9 507 KB
148 KB 86ms
62ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12684/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

468c531a6386668a02a51387ee143d27f8879ffebf83d4be7ce79d8598ed6676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
via: 1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 769290
x-amz-server-side-encryption: AES256
cf-ray: 71f58dd32dfa5b4a-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Jun 2022 16:08:50 GMT
server: cloudflare
etag: W/"d78a4eb01642e4612e9d63542a5ff315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zyA8R0jB5kFj0BNaBVz4OYNpsNdyn7HS4FUwe9bWFaMutH7H2a45Lw5OSDZImTif%2BlP9rwDuJmI2IgaRThnzoHmkC6v729lco3gPHWN11rNz%2FcIadbfcqWlKl4Q%2BSpcO0%2FUh2UMDxFUoR1MBK4EAoCYE8o%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: N0iLyaVSscG41DSlv6arCTHdVHqRVecf
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: MUC50-P2
content-type: application/javascript
x-amz-cf-id: mnzK8NfhUgHeadni0DwspTg5_Huq6-bKJKOOHYRloG9_aecRSx10YA==
expires: Thu, 22 Jun 2023 14:08:05 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 164ms
64ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-59152664-1&cid=255879153.1655906885&jid=646268097&_u=YEBAAEAAAAAAAC~&z=1718564598

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 14:08:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 124ms
63ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-59152664-1&cid=255879153.1655906885&jid=646268097&_u=YEBAAEAAAAAAAC~&z=1718564598

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 14:08:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12542/ Frame 17B9 776 B
1 KB 62ms
38ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12542/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.12684/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1365d4bdc14090157c99cf8491ca4391c87425182f746b89ff13276985ea1399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:05 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 510923
x-amz-server-side-encryption: AES256
cf-ray: 71f58dd48ef19b5b-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 May 2022 09:08:39 GMT
server: cloudflare
etag: W/"656b59b2f477f1ad6d02dcf138603986"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yedxUMOfC3cZXQ8j2PTSRUX2MJTR0hn71fSBDC7IgI0XX1tYwLeqtIDW9gamdkhH3fpXAqwgRGbui7SLbgCyp4efgGcDPQPYqf%2B%2F8UrDuO22l31V367%2FHmib8syO9grNWxLgSNdWfqilF9zHNO3mIhu84RY%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: fUHN74ynTDIdw0gGW.WlWNPVJIqAdzYS
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
content-type: application/javascript
x-amz-cf-id: mJqbZ05nM00bphbawlniacM7mo-mlRXMlBfh7nmIe5wnxX5dT0n4Fg==
expires: Thu, 22 Jun 2023 14:08:05 GMT

GET
H2 200 cl3xevv6g2194309mmlti7mycv Show response
app.navattic.com/api/project/ Frame 7317 16 KB
4 KB 217ms
217ms Fetch
application/json 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.navattic.com/api/project/cl3xevv6g2194309mmlti7mycv

Requested by

Host: js.navattic.com
URL: https://js.navattic.com/navattic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

63f9cdaf58f10d84fdda991f8d42fec97819071575bbcb43a1ed324098ec5838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: on
date: Wed, 22 Jun 2022 14:08:05 GMT
x-vercel-cache: MISS
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: Vercel
cross-origin-opener-policy: deny
x-matched-path: /api/project/[id]
etag: W/"3eef-fQfgmh3aeV+jaK2nKxSSfbgoItE"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
x-vercel-id: fra1::iad1::w7ls5-1655906885838-d967e24c7ee4

POST
H2 204 rhumb
api.hubspot.com/cartographer/v1/ Frame 17B9 0
1 KB 166ms
148ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.12684

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.12684/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f1c221ec-5cf3-401d-8c28-6c1e71148165
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSv%2BwzVPT7ngYXkZ6gD5a5IV58%2FpdrhcM32qN63gMPddT9zj%2FcF5PfTTLTtfYKXRRokizfTOLsW5XUc23mzO1Qo8dOuVDYZ4uaz7F4HhKNJMFTocwbPHffUCpL9s1dB30sXxLVz13jw7nB9YqA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-allow-credentials: true
cf-ray: 71f58dd56a1868fe-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
H2 200 welcomeMessages Show response
api.hubspot.com/livechat-public/v1/bots/public/bot/1379516/ Frame 17B9 648 B
965 B 185ms
177ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/bots/public/bot/1379516/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.12684&conversations-visitor-ui=static-1.12684&traceId=82440822b1b6496d816c9c2634b9d3c0&sessionId=AMOaWbKWaupJUS3KSkepXUCTA7chgiIZaSvVAVcYOMx5Hpv33qDGWpDl_QU67GKTw5u0DbyXI2QebEahcBecw6M98O47ZAqIMHH03CiR7aIzUFkngng6AthpBPz9Dg4SwrtzgpftPh66wtsNwf9h952NL2akdz-xgvrwHXXGI08lIbzsxbDnu0o

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.213/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

436642d6e06c859893cd1e1d7edffa0b23e6f430f05ecee2b2a973c0b6887582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a1bd5d6d-70f0-4744-a371-ef7e7bcafacc
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
x-trace: 2BBB9A69F13FE36B165B44BBB93B6151ACA5A107C5000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztOAmLN9lH2W%2FfbGR%2F45T2RrNVRpMC0%2BlQxH%2FkrniWxGfq1BSiM764PC5ewFNrGP0lDcbUxUSJK0lsWmpKajJjqKENEEsLD6ynM9IpAMAGCEbUAHTP53%2FUSkbkMdkCv4KNA333pIE1HEvcpB5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-allow-credentials: true
cf-ray: 71f58dd56a1068fe-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 341ms
325ms Image
image/gif 104.89.35.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=97ab940f5e06321b3849e8cf22100b74&svisitor=5de17b5ca42100004422b36235030000c4870700&session=835653ed-bdeb-4e6a-8842-a6ea4aa62f47&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A05%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A04%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%221005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Multi-channel%20communication%20attacks%20are%20increasingly%20common%20among%20threat%20actors%20%26%20cybercriminals.%20Learn%20how%20these%20attacks%20exploit%20the%20modern%20communication%20ecosystem.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&pageViewId=23ba900c-505b-46b3-8f86-06cc7386d7ec&an_uid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.89.35.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-35-64.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 14:08:06 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame DA61 0
18 B 42ms
16ms Document
text/plain 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.safeguardcyber.com
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.safeguardcyber.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 22 Jun 2022 14:08:06 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 customers
app.navattic.com/api/guide/ Frame 0
0 126ms
125ms Preflight 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.navattic.com/api/guide/customers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://capture.navattic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-length: 0
cross-origin-opener-policy: deny
date: Wed, 22 Jun 2022 14:08:06 GMT
referrer-policy: origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
x-matched-path: /api/guide/customers
x-vercel-cache: MISS
x-vercel-id: fra1::iad1::w7ls5-1655906886062-d79720af1173
x-xss-protection: 1; mode=block

POST
H2 400 customers Show response
app.navattic.com/api/guide/ Frame 7317 2 B
111 B 123ms
122ms Fetch
application/json 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.navattic.com/api/guide/customers

Requested by

Host: js.navattic.com
URL: https://js.navattic.com/navattic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://capture.navattic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-dns-prefetch-control: on
date: Wed, 22 Jun 2022 14:08:06 GMT
x-matched-path: /api/guide/customers
x-vercel-cache: MISS
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: Vercel
cross-origin-opener-policy: deny
x-vercel-id: fra1::iad1::w7ls5-1655906886192-fa8b98a37444
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate

GET
H2 200 cl2550kum00003967o7xj8c0b Show response
capture.navattic.com/api/ Frame 7317 200 KB
21 KB 262ms
261ms Fetch
application/json 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/api/cl2550kum00003967o7xj8c0b
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51ea325a7f7b5e8fe4c0864b58e83b421526e47b7120763f8a328657c51bf3f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58dd5ee4c9249-FRA
access-control-allow-headers: *, authorization, content-type

PUT
H2 400 metadata Show response
app.navattic.com/api/guide/customers/cl4po7e4400013b67mjul18pw/ Frame 7317 2 B
82 B 127ms
126ms Fetch
application/json 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.navattic.com/api/guide/customers/cl4po7e4400013b67mjul18pw/metadata

Requested by

Host: js.navattic.com
URL: https://js.navattic.com/navattic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://capture.navattic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-dns-prefetch-control: on
date: Wed, 22 Jun 2022 14:08:06 GMT
x-matched-path: /api/guide/customers/[cid]/metadata
x-vercel-cache: MISS
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: Vercel
cross-origin-opener-policy: deny
x-vercel-id: fra1::iad1::w7ls5-1655906886562-5ed39b594ee3
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6Im1yRGRXdlVJZyJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 326 KB
28 KB 289ms
289ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6Im1yRGRXdlVJZyJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1399560fa4c141073da75ef91036c00dd614b384506fc3485fa7d4e39524696

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58dd799499249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6InFobGozdHE3dSJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 25 KB
4 KB 163ms
162ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6InFobGozdHE3dSJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26abbb54760ba5dc4ff33bcd95a4a257178c5ee22d0095cfa0b18ad70e911987

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58dd799529249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6InpMYnV6ZHdJYiJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 8 KB
2 KB 134ms
134ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6InpMYnV6ZHdJYiJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a1a4ca5f7f38b6e0c748830af96eb70a348222029ac9536d27eee12df1bdaee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58dd799559249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6InFqM1FJYWc0ZCJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 3 KB
559 B 141ms
140ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6InFqM1FJYWc0ZCJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a8501c81cebbc7ac278fe8366d67477462a72448556e9f3cb22e2a8dacb531b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58dd799589249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 cl3uih7kh00003f6bo2ua2622 Show response
capture.navattic.com/api/ Frame 7317 567 KB
335 KB 343ms
342ms Fetch
application/json 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/api/cl3uih7kh00003f6bo2ua2622
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce7aabca5d7316846e7053b6f1eed44ef381f9c738cc1d8c36609279ab3d7b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58dd799599249-FRA
access-control-allow-headers: *, authorization, content-type

OPTIONS
H2 200 metadata
app.navattic.com/api/guide/customers/cl4po7e4400013b67mjul18pw/ Frame 0
0 242ms
242ms Preflight 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.navattic.com/api/guide/customers/cl4po7e4400013b67mjul18pw/metadata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://capture.navattic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: PUT
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-length: 0
cross-origin-opener-policy: deny
date: Wed, 22 Jun 2022 14:08:06 GMT
referrer-policy: origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
x-matched-path: /api/guide/customers/[cid]/metadata
x-vercel-cache: MISS
x-vercel-id: fra1::iad1::w7ls5-1655906886317-73b0be1fa6a3
x-xss-protection: 1; mode=block

GET
H2 200 core Show response
js.driftt.com/ Frame 38CE 2 KB
1 KB 152ms
151ms Document
text/html 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1655907000000/d4e7isniz9na.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

527cdadeaef488639617c13b883e497b676608ddd012cb71383d712f53c9ce91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 22 Jun 2022 14:08:06 GMT
etag: W/"548021a05f36bc222b127047648c1541"
last-modified: Fri, 17 Jun 2022 15:46:08 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-id: fwLBbSbSzBuGlx0kHv1_G8KQ8yRYujnNNV6utcoM05cADewSZRu1xg==
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 69dKGDB.1fm8.HyI7x2nlMQXZKWs4XjK
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame AE97 2 KB
1 KB 114ms
114ms Document
text/html 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1655907000000/d4e7isniz9na.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

527cdadeaef488639617c13b883e497b676608ddd012cb71383d712f53c9ce91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 22 Jun 2022 14:08:06 GMT
etag: W/"548021a05f36bc222b127047648c1541"
last-modified: Fri, 17 Jun 2022 15:46:08 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-id: saGNe4cw6PPIaRlZDN1hSYybbUIl8deFEeJPZkB3KOF1l2LcitSzqw==
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 69dKGDB.1fm8.HyI7x2nlMQXZKWs4XjK
x-cache: RefreshHit from cloudfront

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 126ms
110ms Preflight
application/octet-stream 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.safeguardcyber.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.safeguardcyber.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 71f58dd7f88abb41-FRA
content-length: 0
content-type: application/octet-stream
date: Wed, 22 Jun 2022 14:08:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
timing-allow-origin: *

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
137 B 138ms
137ms XHR
text/plain 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/3918364.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

timing-allow-origin: *
date: Wed, 22 Jun 2022 14:08:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: d61afa7a-bac8-4d20-9e5d-99e3cc60ad15
x-trace: 2B92FCB00827803D1E26EE17AE7C256A341BDD3F39000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.safeguardcyber.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 71f58dd8a9debb41-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
494 B 157ms
142ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: efef9f10-4d8b-4639-a649-17cd508945a6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
x-robots-tag: none
last-modified: Wed, 22 Jun 2022 14:08:06 GMT
server: cloudflare
x-trace: 2BA5A61DAA165A811EB89A4084A4ACA8CB50D3B9A6000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 71f58dd82a2b9b1f-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
357 B 140ms
139ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=cb5c80e0-72aa-4216-b7ea-cb9dbf8ccb45&fci=8409022c-7f41-48ff-8a40-fcd0516aa9cd&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=3918364&pi=75696837232&ct=blog-post&ccu=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo&cpi=75696837232&cgi=43923902643&lpi=75696837232&lvi=75696837232&lvc=en-us&pu=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&t=Multi-Channel+Communication+Attacks%3A+A+Demonstration+%7C+Blog&cts=1655906886403&vi=dfdf5a349e226070ba1a1768fa1cf5ce&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 173ff388-5baa-4d9c-917b-a1cc9f814f0c
cf-ray: 71f58dd81eca68fe-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ua49VqesTILydCtQ7OOsA%2FZAleVNlhzzHrnBxfi3v6kjeGBrLvZGqr6mZpIumVDpxygxjrWEvSzGT1FBFPUMPABuM2x4UQlQrmKc304yfVkeskuNFPwrC6qpP%2Fw21hbmW5robzDmYkadO4%2BAWtox"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
460 B 138ms
137ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22f37a8d36-84b5-4cf5-ab85-f513b19d24d8%22%2C%22d253f48a-b27b-486c-a8a8-1fd53dc34938%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=3918364&pi=75696837232&ct=blog-post&ccu=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo&cpi=75696837232&cgi=43923902643&lpi=75696837232&lvi=75696837232&lvc=en-us&pu=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&t=Multi-Channel+Communication+Attacks%3A+A+Demonstration+%7C+Blog&cts=1655906886408&vi=dfdf5a349e226070ba1a1768fa1cf5ce&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6169c324-f7bf-4e1e-b6e7-23ca02f192a7
cf-ray: 71f58dd81ed068fe-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PX2d%2B8A5GnFVsPtQekSDLdClmPv%2BkOeR4RMs1EuoLhYWgUp3JtPUX5%2BEMmvezCIhpn7G0ywyoi9qEUlBC%2FNFMULTH4LbkNqBZFDr8fwSxcMTzOTJjttWk4VHDqYQEoxLdEiVgOdyJfwbT356T2i8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
379 B 141ms
140ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=3918364&pi=75696837232&ct=blog-post&ccu=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo&cpi=75696837232&cgi=43923902643&lpi=75696837232&lvi=75696837232&lvc=en-us&pu=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&t=Multi-Channel+Communication+Attacks%3A+A+Demonstration+%7C+Blog&cts=1655906886410&vi=dfdf5a349e226070ba1a1768fa1cf5ce&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f71aea6f-84df-4b72-9970-80ab167083cc
cf-ray: 71f58dd81ecd68fe-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pau6qEVuYNa4kdqf%2Fs8x8RIiC2DgcmsucCCf1qT0d7Thkrw7MHKxan1D2QvaMLfstTluJ7cr9aMEThdGT%2BY1MggrR4h9akUkGWr8grQfZO3slTYuvzogkrApAQPOaBd13Mxz%2BILPc9bFvHnFBX%2Ba"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
36ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2065510042&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&ul=en-us&de=UTF-8&dt=Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo&el=10&_u=aHDAAEABAAAAAC~&jid=&gjid=&cid=255879153.1655906885&tid=UA-59152664-1&_gid=957898460.1655906885&gtm=2wg6f0MZBTFWG&z=1010388736

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 10:12:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14156
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2065510042&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&ul=en-us&de=UTF-8&dt=Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo&el=20&_u=aHDAAEABAAAAAC~&jid=&gjid=&cid=255879153.1655906885&tid=UA-59152664-1&_gid=957898460.1655906885&gtm=2wg6f0MZBTFWG&z=573362646

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 10:12:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14156
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime~main.b3a0ca5d.js Show response
js.driftt.com/core/assets/js/ Frame AE97 6 KB
3 KB 9ms
8ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b339bdb07ea2df0f40629052bdeda41410aaf541dff56f46239cdea5d59b47e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:29 GMT
server: nginx
etag: W/"69f8b5fdba551ac6e2dbfc311c6548f4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6daTpdR8xHxzp4XWU.Ic3TEw1ssUepbq
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LigaEz2fIr8Nl9xrA29IawkUX62NAxLaRZ4rEYmxAUMN008PhZAVZw==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 35 KB
13 KB 10ms
9ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VDyzedK8pRW8gpFa0blVRbSUKMSUjUx3SjuSTAfTpdCI8OG4qaORAQ==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 7 KB
3 KB 9ms
8ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:15 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9qbak4s_fS3U3ItMkJp51dxjDAaDzA89
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VNPiFqK_OYiIg0QpFQvLNrNI4NKmcO8daK012xJH85-fLh04iDK9ew==

GET
H2 200 runtime~main.b3a0ca5d.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 6 KB
3 KB 12ms
11ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b339bdb07ea2df0f40629052bdeda41410aaf541dff56f46239cdea5d59b47e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:29 GMT
server: nginx
etag: W/"69f8b5fdba551ac6e2dbfc311c6548f4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6daTpdR8xHxzp4XWU.Ic3TEw1ssUepbq
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mUNBCm4q5Up-7Aqod7_way68oWz3DZZCqOFDTCapxBNl8QLCQ25Fig==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 35 KB
13 KB 12ms
12ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WvaLxbeaIzGjWxqRuVWZX3AiGm-k8g6tK6czH0qvqogmpEfwDffxIw==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 7 KB
3 KB 15ms
15ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:15 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9qbak4s_fS3U3ItMkJp51dxjDAaDzA89
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cCcHYjT49BKlCV6nJ1ZvLCWO9s6hj3TqikxFPeUITJpcCZ9xnNBAPA==

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IkIxQTJwS1VlcyJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 38 KB
8 KB 182ms
179ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IkIxQTJwS1VlcyJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcac106ac55e8491fa8c466f0e1955060d3e724159264b3f28c4abaf4f8bcba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58dd9fd6c9249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InFEWWRJV09BOCJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 9 KB
887 B 158ms
156ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InFEWWRJV09BOCJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a3390a950d27f3ff294c2fe15b1e54d1ddb5f4631d777dd8dd4d8447e381e9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58dd9fd799249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6Im1aTXJZanp0NSJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 20 KB
4 KB 141ms
138ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6Im1aTXJZanp0NSJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84c88eaa933409a59468a3b88a0b3712e91fd8a45d8d93628961b93e13f4449b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58dd9fd7b9249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 cl3up1sg700003f6cmc06dwvt Show response
capture.navattic.com/api/ Frame 7317 29 KB
6 KB 122ms
120ms Fetch
application/json 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/api/cl3up1sg700003f6cmc06dwvt
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6ea87195b2de2348656ce84e55f93c8cb6b6f82d922b80c5c7e86a933ae34d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:06 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58dd9fd829249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 47.f4a0cab7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 47 KB
14 KB 17ms
5ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ghx9KuLEsU65toAWp7tNXfQomgxjyrbm
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z6GpveQz7Bx281aJ3YwYArVlayJXPTiXE6qwElvdOzNFEGKZ_XhXDw==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 44 KB
13 KB 19ms
8ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B9rIJ_he3NnZfaZwCr7GvLzRmtehknn.
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _kAWeD1Tyds_-5XbhZP7SRgxdsvfluM-FShqAeYFGpslJPK3jiXX_g==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 25 KB
8 KB 22ms
10ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1102096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3g.L2n28pTj8AcDJTW_JUnx4I1CqyPA9
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fTZvgnGverEDKW5WELz-_jczNCSgVHrMbEFm7UFulOPpVhBdtfdlMg==

GET
H2 200 18.c13b3a33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 16 KB
5 KB 23ms
13ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6bdaEoVaogjxYdNJvlFfyTO_1fTxsp6o
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GDDppfb6yZYFMnzPgC5SNxvRo6Tw7qu842K3E84t2Bjbl2pqo2yJcA==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 74 KB
23 KB 24ms
13ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4Kmas7AS1gtXnvGNr64EBv22S3S0rJqrr7Zqyj-Ujv1FOjmBnKi_aw==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 59 KB
19 KB 25ms
14ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cyXTxSuCBvZx654ePqR2xs6GalDG76.D
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: asY-ohVS16oRZw1HzjcmmZEWyAdozY529zNbVIUh4esQ8-upfLyaOQ==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 91 KB
28 KB 26ms
16ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eWIFIo8DxLn4S25aWqEs5lrAyCB0pQZS
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BiZv_Klqe_BNZsJ6RvdM_xM58zWzhD7gOqUkurEJl3q6S0jE8rTirA==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 23 KB
7 KB 27ms
17ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g.TAX9Ljd1CKN2hPKg7rBsCyhJ70wktS
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qegWHqYQrN_8nCkTyPLxQhRAYySUTBDAA5XOH707ANkY97BNi857xg==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 62 KB
20 KB 29ms
20ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1102095
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AZatU1G3W6aZgnPi8EiGVtSbHMH8e_3C
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KhT1J4OipwaSk-1fu9KeFHy7xLXJlEvrcFGbPiG1QO4hlCTJiuZHVw==

GET
H2 200 45.772158c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 105 KB
34 KB 30ms
21ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Wo_uRM2rzEKAIONIW1ozWH.Ih3Zgd.66
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: drMOXJhZVobQjtuai1f7HCQbZbUZz_gxsioeXIFtKiLSsajwu2jCvQ==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 12 KB
4 KB 31ms
22ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1102096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G03bjREUVZodE3VNEVv7t6npj9SqO9PIROOJHpg-cOOSD4YsxoVyHQ==

GET
H2 200 28.ed383893.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 12 KB
5 KB 32ms
23ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"910117b3f0a0501f693606963bfe4daf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W4iSCS77kEC.SSNCcLhsvI35ESlRZh_5
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qWlfi2TbWsMLcNztN_97EQBtT5D24wg5tTE-AnNlW1lI1__p6l4yBQ==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 17 KB
7 KB 32ms
24ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IYcZXStVL2CjeeCB9Www5YnCHKJfMMCs
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oQcq_0_qURC_dQZAG51ergs3r2fS64QVEajsXFMrUIKuNwAYJMD26A==

GET
H2 200 9.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame AE97 11 KB
3 KB 17ms
9ms Stylesheet
text/css 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hokYckg1IjTUPfKmbuCy6NNmRFmQH3VZ
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Tl2jzB0uou3Z2WvBjaMpSRlOGZffokG4ylQIhTesEgM_6arx6hJELA==

GET
H2 200 9.61bf5d5e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 70 KB
22 KB 31ms
25ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.61bf5d5e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6774401309d194234d263e20d3b25357dd8e0080d357ba297064b94490e64151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:28 GMT
server: nginx
etag: W/"b0dd42407985a4f00c1012ed8c5c2e3e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6lcA8QuitZUhP8J6Df4tn8YMBMYoSZaq
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TCZBARZV4NYJSQj5SuhilWhFCzM-ozGd0RTEQXPx0bU30z7NNdBllg==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame AE97 24 B
666 B 15ms
10ms Stylesheet
text/css 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -FQaQNCtOJOEPic4dgHTyzE2QHAnSiF6wZY8qn0X-7E013GrudWdIg==

GET
H2 200 17.3f0b9ace.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 78 KB
20 KB 34ms
29ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.3f0b9ace.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7bcce44ec2d943fe9d61522360b1672f3f933a0b2b2fb8290ddab6b8bc6fa518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"fc1b69d2d46a8b9cd77ca44b344c39a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6w3rkEH8f0AxCr0_I6dnTuo.LuWYHxbE
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qfZoOEgV6_7X86e2WJPBIdIj_ppxnkjk9Wef63nwE0zEUTU9ieCX5A==

GET
H2 200 24.424a0721.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 47 KB
13 KB 35ms
29ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.424a0721.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

65665bb05b1ad71d6d32de916f9f57f9f246b64b34bda4bb8e8a3a28f5a88f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"8dc35338012f228e661545170673b0ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: va_EyNdsZjSRy0VIugBwqZ6uxWhBKMTQ
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ER_s9wlTHBV-XmDsKpQ2o9RX5sP0mfKYRYWVibi8aiZONinL7h68gA==

GET
H2 200 15.b47cc4a6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 40 KB
13 KB 38ms
33ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.b47cc4a6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

10bbac7e2573245b857cbd8f748dd4c4fdabb0b6aed035e24279adfbf5827b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"ea7cb1975200446203d5380d96bcb52c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rgpUPBH8l30iCkNptICZb1R4wFf8Hw2S
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9uLIfci6ozFg7FTnVgR-zQog5KhlXhz7BRajkx4Pf6_PyIp-mYzdIA==

GET
H2 200 47.f4a0cab7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 47 KB
14 KB 38ms
33ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ghx9KuLEsU65toAWp7tNXfQomgxjyrbm
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9993-vQKrbaVzGTnpRyOv62KA7uf3pLTuZILej8UDP2j2-n5Yk5OPg==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 44 KB
13 KB 38ms
34ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B9rIJ_he3NnZfaZwCr7GvLzRmtehknn.
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JfU_Q-ZaRtBwTU45n0UbAnDabmbnVM_fBDn1udZgqOFi3QeKekQpeQ==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 25 KB
8 KB 39ms
35ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1102096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3g.L2n28pTj8AcDJTW_JUnx4I1CqyPA9
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 11OckYZAinOln7UWxd9LudM3T8-aJMAtE9owb01gog0Jcra4RtATUw==

GET
H2 200 18.c13b3a33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 16 KB
5 KB 40ms
36ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6bdaEoVaogjxYdNJvlFfyTO_1fTxsp6o
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9kV6crXpLTlVOu8m4CFeXOiXi60CaDrKdPVMEVaKbW7TIMKcfwdf0A==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 74 KB
23 KB 40ms
36ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r1FWUhuJ8u_m4tDIjd6Slli0mGe4XCUD6MXvVz6m077k8pvanzZ2Sg==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 59 KB
19 KB 41ms
37ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cyXTxSuCBvZx654ePqR2xs6GalDG76.D
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bfyXjRBCzUEhTFmTpzfaFpk2C4M4ziWxZERSA7-j8JpACc2SBKjrnw==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 91 KB
28 KB 41ms
38ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eWIFIo8DxLn4S25aWqEs5lrAyCB0pQZS
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r2PTmlDKK6QpraEYcP4gdZSn8Y9lkQf5j9Imks9txw17s8YTszoLDA==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 23 KB
7 KB 42ms
39ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g.TAX9Ljd1CKN2hPKg7rBsCyhJ70wktS
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tvNytrd-JOqvn-r6WOrxAsAIGfCM5jekPxOBO75AmdUFm0G592DQKQ==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 62 KB
20 KB 43ms
40ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1102095
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AZatU1G3W6aZgnPi8EiGVtSbHMH8e_3C
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Su2E3zFQCBhN2HjjBjVxA7whMJ71ZSiwgqYcxaQdch4jpDsZKbn0lg==

GET
H2 200 45.772158c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 105 KB
34 KB 44ms
41ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Wo_uRM2rzEKAIONIW1ozWH.Ih3Zgd.66
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fIYTBMuRtCuYPT272y_rDEQ6GIVdOJhnYYYoik5erQTS2YuddK_XyA==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 12 KB
4 KB 46ms
43ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1102096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Imb7tgehueJ-wHgYCr5ehtv5NDtifc_QPs411SEXfSgcLkrOHmSXXQ==

GET
H2 200 28.ed383893.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 12 KB
5 KB 53ms
50ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"910117b3f0a0501f693606963bfe4daf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W4iSCS77kEC.SSNCcLhsvI35ESlRZh_5
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sJSVxk8MMBJ1XIPNbFYjaa_ULM-fN-lOlrBDYA1Btj6gP6FdBD7jog==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 17 KB
7 KB 54ms
52ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IYcZXStVL2CjeeCB9Www5YnCHKJfMMCs
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nzrDl8j3Y8T9ZmZrboljaHiLLQDgHDgsIjhXlYRRd0EY0Ve-BX3HhQ==

GET
H2 200 9.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 38CE 11 KB
3 KB 54ms
53ms Stylesheet
text/css 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hokYckg1IjTUPfKmbuCy6NNmRFmQH3VZ
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PyTLrRZ8Uj1b71s6F4q8Rb9Owb23vnGVUmr7-b4zKiVcU7BU9MG3gg==

GET
H2 200 9.61bf5d5e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 70 KB
22 KB 56ms
54ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.61bf5d5e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6774401309d194234d263e20d3b25357dd8e0080d357ba297064b94490e64151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:28 GMT
server: nginx
etag: W/"b0dd42407985a4f00c1012ed8c5c2e3e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6lcA8QuitZUhP8J6Df4tn8YMBMYoSZaq
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: taZllq6DXF9W3rTlRSk2-lHY5-jqEewgf-q3aFxRFazM9j-zKRosnA==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 38CE 24 B
667 B 55ms
54ms Stylesheet
text/css 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zjT8eD7kWB9t_-xynauCMTTRd5Pq0g17ByvLJYR3YgGPHfB1znMHVw==

GET
H2 200 17.3f0b9ace.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 78 KB
20 KB 56ms
55ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.3f0b9ace.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7bcce44ec2d943fe9d61522360b1672f3f933a0b2b2fb8290ddab6b8bc6fa518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"fc1b69d2d46a8b9cd77ca44b344c39a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6w3rkEH8f0AxCr0_I6dnTuo.LuWYHxbE
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ocXXPfyGekB4Hy3bzyIpO0tPAiUm8yc0ICkOpgUYXcDNvmhsllW-tg==

GET
H2 200 24.424a0721.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 47 KB
13 KB 58ms
57ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.424a0721.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

65665bb05b1ad71d6d32de916f9f57f9f246b64b34bda4bb8e8a3a28f5a88f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"8dc35338012f228e661545170673b0ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: va_EyNdsZjSRy0VIugBwqZ6uxWhBKMTQ
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yqSdZcFU-IAVNk9IHz8khyh0TBnTyn1Ufo4JjdIo8hK15o01F5PLNA==

GET
H2 200 15.b47cc4a6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 40 KB
13 KB 59ms
58ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.b47cc4a6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

10bbac7e2573245b857cbd8f748dd4c4fdabb0b6aed035e24279adfbf5827b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"ea7cb1975200446203d5380d96bcb52c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rgpUPBH8l30iCkNptICZb1R4wFf8Hw2S
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v_mGvhGVt8TVmEveOZj2slFC_xNB18XxIdAN49ELtfCZPCmdRltFAQ==

GET
H2 200 34.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame AE97 3 KB
1 KB 21ms
21ms Stylesheet
text/css 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1102096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pDgWOASMN9_NDbkmryYYC4K2HoZ50omL
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W6Ny58wfhDAAJOZ-KBnXlJgx3wDU5Q7Zj-D2I1zLUJnFXouNTTyq-Q==

GET
H2 200 34.07340d2f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 3 KB
2 KB 22ms
22ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.07340d2f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 14:14:39 GMT
content-encoding: gzip
age: 431607
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 13:01:30 GMT
server: nginx
etag: W/"f732dfb3db72f996e1f4bc0225629a20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HvgZCV9LNyT7x7vVdSj885BtX9dyNytM
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mphRUgf232PDjkKjdFKLFoIEi5T-ql0XZ4-7I-ORwORlz6sYsuUaiw==

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IkFEMkw2d2xGVSJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 38 KB
8 KB 146ms
145ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IkFEMkw2d2xGVSJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1ef595389bccb3b4aaae5faf14ebb552bd6c47f567677c4e2089a79b6b0333c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58ddb98be9249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InRtSlVwSFJPdCJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 495 B
293 B 118ms
118ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InRtSlVwSFJPdCJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adb4bcacbe3939b748fcb3cde12bcce48a6572ce03e0c808c220542f92587bc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58ddb98c19249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 cl3uoylhg00003f6bcqg32h8y Show response
capture.navattic.com/api/ Frame 7317 9 KB
2 KB 108ms
107ms Fetch
application/json 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/api/cl3uoylhg00003f6bcqg32h8y
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a1bcb007ec69345584de638a925b5375af438cdadea7f1e215695b16a8cd4ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58ddb98c29249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 9 KB
3 KB 8ms
7ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:34 GMT
content-encoding: gzip
age: 3675032
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:05 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: R58GC9JKCFqRYH8PW35ajAhO8b2ao9Fj
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LcpOVNBFOKF22-lI2pfFy6V9_gvoblFLioDI6kx2-_fLi2at5Ab9mw==

GET
H2 200 26.a5fa75d7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 33 KB
10 KB 9ms
8ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.a5fa75d7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

72d52dcf32b1f0357fdb9688cb7d59dd429ed01f5bf3098825191ba7e244927c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1102096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"07c533e32590bc52ac1b137167ac3d81"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Om6KhJpoRUYTr7Om8uqiUaVuwIdIX9mR
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eBoTIbKgFpKTXdDBVYi9WsM3ZiVhoS2yjXuObOTBtyz3n1RBei030g==

GET
H2 200 27.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame 38CE 8 KB
2 KB 9ms
9ms Stylesheet
text/css 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1102096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xlq0zBG2KT_EHoSQ.8VBH19dO.kmmlfU
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GyV-agEidnLdjfyScztvr1aiqrTAz-EKbv1L3r9X8EV8B3jCEXHJJA==

GET
H2 200 27.cae93f43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 12 KB
5 KB 9ms
9ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.cae93f43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

cbd1fd9e5454ee302f349f7a91241a8e37f4daf59dfbbfb26d8c76d4ec49fac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"5277c592e20a97f12101fb9221e1083d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RRKwz_zWe9zBFE0ke3ga_KW8r9kULuha
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uD227dhX1Pw82fD1xu8y09wzCv8h9d8jc_iinC67xU2Lf5goy1p3tQ==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 38CE 365 B
1007 B 10ms
9ms Stylesheet
text/css 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 08:38:41 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
age: 1229365
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Fri, 22 Apr 2022 20:24:53 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: L3VGtilyy25ajd6juXICRdarj04czsmC
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MGj9z4ZzCY4BOSX53sZpVVpov1kfh-safpKROy-LPaTbAb81eHrUrQ==

GET
H2 200 19.3e3f9111.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 38CE 87 KB
24 KB 10ms
10ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.3e3f9111.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c1b1fa0d1bd18fded151783314b2ff0e0e331d0b834a802b556de1188b0190c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=d4e7isniz9na&region=US&forceShow=false&skipCampaigns=false&sessionId=f09fc98b-385c-4b9c-9352-783ccc90eedd&sessionStarted=1655906886.338&campaignRefreshToken=5a13500c-e1bf-48f6-9b73-6c2239fb0c37&hideController=false&pageLoadStartTime=1655906884065&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"3d2db6ec92b78995faa183006f204b50"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OlwPf5h5MTo.GrftkVN7H1MHuFTAK0BH
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XxWS3OgmaxOV2mWVuvXGZdkLEWlbyA1qUGQftO0p-fwDwKuhQAMv6A==

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 307ms
307ms Image
image/gif 104.89.35.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=97ab940f5e06321b3849e8cf22100b74&svisitor=5de17b5ca42100004422b36235030000c4870700&session=835653ed-bdeb-4e6a-8842-a6ea4aa62f47&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A07%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A05%20GMT%22%2C%22timeSpent%22%3A%221022%22%2C%22totalTimeSpent%22%3A%222027%22%7D&isIframe=false&m=%7B%22description%22%3A%22Multi-channel%20communication%20attacks%20are%20increasingly%20common%20among%20threat%20actors%20%26%20cybercriminals.%20Learn%20how%20these%20attacks%20exploit%20the%20modern%20communication%20ecosystem.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&pageViewId=23ba900c-505b-46b3-8f86-06cc7386d7ec&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.89.35.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-35-64.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 14:08:07 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 9 KB
3 KB 11ms
10ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:34 GMT
content-encoding: gzip
age: 3675033
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:05 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: R58GC9JKCFqRYH8PW35ajAhO8b2ao9Fj
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XpKbjzvVjZQwrdeWYKYXkxLfpkHikwk-fWW6n_zKzoGMxBSG1EsHKA==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame AE97 7 KB
2 KB 8ms
8ms Stylesheet
text/css 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qCJlHTNUr2HFRH6Ajng7Ce3aN.cZgspN
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TrHcbOfoTuLbYoP5SncVwfo9l-5jeWM_DNJsM1z2c0hj_oZ0tHuc5w==

GET
H2 200 3.00aa1009.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 54 KB
16 KB 11ms
11ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.00aa1009.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b8eef39219651c2e824894e8f8d35742e86021c1a556136fb6ffc5e1169bccbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"b6e857285e106c4d697971a13a9e5f01"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5X0O2ApU5vgBeUnxDu8Cb4hnMjQt6Q5W
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZP2oYhI-HTUlTJARsqvNxKJhxwky7zzy9q7nTkAjDu7Odlic1USAzA==

GET
H2 200 1.2a811815.chunk.css
js.driftt.com/core/assets/css/ Frame AE97 43 KB
7 KB 13ms
10ms Stylesheet
text/css 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.2a811815.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5c09e8bec292a5b43b6a5be55beb50de7bf16c101bf236faa43e49ce70f8c229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 14:14:39 GMT
content-encoding: gzip
age: 431608
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 13:01:27 GMT
server: nginx
etag: W/"cffa309af51f35e8b5792ddf3e06a80b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VUaHAxuPIr8zCHoCffr5ySO3Had_qiEc
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gHgnaSBoCKDmwDFbRx4XEf9WpkG2Zg7Ewd_oekFQMlL-cPBY892jXg==

GET
H2 200 1.703eaedc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 73 KB
25 KB 14ms
11ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.703eaedc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

653623f60084fd90a4b77c27ef32e61b8c2bd9d79c0a89862fab02050acb45cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426119
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"dc64944623f982a6b9f90826280c904a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Z5QgxW_TRh0NIcTxSkJlyHAMlampKTw
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Y_Axc54UXs79VNxrxGGKV3pdEYXVcgcJxlwPBkN6N8Kun3uDz_1dQg==

GET
H2 200 32.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame AE97 12 KB
3 KB 13ms
11ms Stylesheet
text/css 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 1102097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: D63PtXL5bP.wpWr.uBaG9A4P_yKmwfSx
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: p-s4T5QoNzsf7GrlzqSgC8F31HkGOCyL0yswOZU7OJ7Z8syYffhD1A==

GET
H2 200 32.08d8dedf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame AE97 11 KB
5 KB 21ms
19ms Script
application/javascript 143.204.89.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.08d8dedf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b3a0ca5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-91.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

88d623d347bc1d092c1d546f62ac989acddceb46ca869c4b48adb62e229daee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1655906884065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 15:46:08 GMT
content-encoding: gzip
age: 426119
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:27 GMT
server: nginx
etag: W/"566a10802a29d81a470d77eb56b23265"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: q1XXFzMgigoPtwIuvu5JzvITbp4A1Agn
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r4mJkHHFiBHzTGpsBpRkiM812xyHr6JoVJhlOGuH4M8iiNxmtAaYSg==

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6InhWMFFJTHVoRiJ9
capture.navattic.com/nv_static/i/ Frame E8AA 1 KB
1 KB 218ms
217ms Image
image/png 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.navattic.com/nv_static/i/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6InhWMFFJTHVoRiJ9
Requested by: Host: capture.navattic.com
URL: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f842c523b2ac6c6886c6fa734cfad6afd8e786bdab3ea0d882ee7b099c31707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58ddc5a219249-FRA
access-control-allow-headers: *, authorization, content-type
content-length: 1455

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6ImdrTHFjRHhVdCJ9
capture.navattic.com/nv_static/i/ Frame E8AA 6 KB
6 KB 219ms
219ms Image
image/png 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.navattic.com/nv_static/i/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6ImdrTHFjRHhVdCJ9
Requested by: Host: capture.navattic.com
URL: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6ecaea6b49598fc5c1b3fe87a90cbfdefef893d120ce206ef3deff3f9211261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58ddc6a3b9249-FRA
access-control-allow-headers: *, authorization, content-type
content-length: 6412

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6IjlLS1BvTXlIZiJ9
capture.navattic.com/nv_static/i/ Frame E8AA 6 KB
6 KB 207ms
207ms Image
image/png 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.navattic.com/nv_static/i/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6IjlLS1BvTXlIZiJ9
Requested by: Host: capture.navattic.com
URL: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6ecaea6b49598fc5c1b3fe87a90cbfdefef893d120ce206ef3deff3f9211261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58ddc7a4e9249-FRA
access-control-allow-headers: *, authorization, content-type
content-length: 6412

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6Impxa1V2VGZwRyJ9
capture.navattic.com/nv_static/ Frame E8AA 12 KB
12 KB 240ms
238ms Image
image/png 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6Impxa1V2VGZwRyJ9
Requested by: Host: capture.navattic.com
URL: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e62cc33746f6c6c2840f3939fe9cb29787b35e3d66f3d04f700f8459eaffa75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58ddcaabb9249-FRA
access-control-allow-headers: *, authorization, content-type
content-length: 12271

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6ImNnZG1Kb1lJNSJ9
capture.navattic.com/nv_static/ Frame E8AA 404 B
320 B 200ms
199ms Image
image/svg+xml 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6ImNnZG1Kb1lJNSJ9
Requested by: Host: capture.navattic.com
URL: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d1a7a34513ad7261d34fb3a53b5e0ccddf6e760ddade380c0af947a4265490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58ddcaabe9249-FRA
access-control-allow-headers: *, authorization, content-type

GET
DATA 200
OK truncated
/ Frame E8AA 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a823d5612cd8d49b316c3c189f120312a495ff61e921b19e79319238fa0742d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6InRUaUxCRU9xVSJ9
capture.navattic.com/nv_static/ Frame E8AA 2 KB
746 B 215ms
215ms Image
image/svg+xml 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6InRUaUxCRU9xVSJ9
Requested by: Host: capture.navattic.com
URL: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c2a4f373ddcc4924e8bd6cfcfa2f062f56e5460e8b854c13a7e09887a5f3b97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58ddcaac09249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6Ino2S1BDZGp6eiJ9
capture.navattic.com/nv_static/ Frame E8AA 3 KB
3 KB 199ms
199ms Image
image/gif 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6Ino2S1BDZGp6eiJ9
Requested by: Host: capture.navattic.com
URL: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 776356f19d223c056221477df59c8d0d05bb34eeda044895efb3a33b7499737b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58ddcaac69249-FRA
access-control-allow-headers: *, authorization, content-type
content-length: 2876

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6IlNUVjRVMEM4In0
capture.navattic.com/nv_static/ Frame E8AA 11 KB
11 KB 258ms
258ms Image
image/png 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6IlNUVjRVMEM4In0
Requested by: Host: capture.navattic.com
URL: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1cc5c992c4d89446fa6a50db3159fb8afa92541cc44b03ef50eae4123f3bb21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58ddcbaea9249-FRA
access-control-allow-headers: *, authorization, content-type
content-length: 11095

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6ImFkNTBRSkZtaCJ9
capture.navattic.com/nv_static/ Frame E8AA 1 KB
669 B 187ms
187ms Image
image/svg+xml 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDI1NHpsZGw0MTI0OTA5anVyc2VrbzJ4cyIsImtleSI6ImFkNTBRSkZtaCJ9
Requested by: Host: capture.navattic.com
URL: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff7e8153b8f54924dd82b47d0983c46241e07079822cf93e349b9b29f5d34c19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58ddcbaee9249-FRA
access-control-allow-headers: *, authorization, content-type

OPTIONS
H2 200 metadata
app.navattic.com/api/guide/customers/cl4po7e4400013b67mjul18pw/ Frame 0
0 138ms
137ms Preflight 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.navattic.com/api/guide/customers/cl4po7e4400013b67mjul18pw/metadata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://capture.navattic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: PUT
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-length: 0
cross-origin-opener-policy: deny
date: Wed, 22 Jun 2022 14:08:07 GMT
referrer-policy: origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
x-matched-path: /api/guide/customers/[cid]/metadata
x-vercel-cache: MISS
x-vercel-id: fra1::iad1::w7ls5-1655906887258-36c84a157385
x-xss-protection: 1; mode=block

PUT
H2 200 metadata Show response
app.navattic.com/api/guide/customers/cl4po7e4400013b67mjul18pw/ Frame 7317 2 B
82 B 279ms
279ms Fetch
application/json 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.navattic.com/api/guide/customers/cl4po7e4400013b67mjul18pw/metadata

Requested by

Host: js.navattic.com
URL: https://js.navattic.com/navattic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://capture.navattic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-dns-prefetch-control: on
date: Wed, 22 Jun 2022 14:08:07 GMT
x-matched-path: /api/guide/customers/[cid]/metadata
x-vercel-cache: MISS
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
server: Vercel
cross-origin-opener-policy: deny
x-vercel-id: fra1::iad1::w7ls5-1655906887398-2f1bf1d6955a
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 38CE 25 B
122 B 118ms
117ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
server: istio-envoy
requestid: fc89c2a0fee082f2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 333ms
106ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 22 Jun 2022 14:08:07 GMT
requestid: drift0b4c92844d3bd5e603ab2a32aeb
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6ImdxbWZESENTViJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 38 KB
8 KB 147ms
147ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6ImdxbWZESENTViJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bbb6ab7ff4d0e730cc3df3d0e406aa028a3b685e1ac1114775b5193a12b1740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58dde2d479249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 cl3uihkz400023f6b3rb2ih6b Show response
capture.navattic.com/api/ Frame 7317 303 KB
214 KB 150ms
150ms Fetch
application/json 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/api/cl3uihkz400023f6b3rb2ih6b
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c50e6a3a0bf0c4646842c917dd24466970011960d0ad95a24b1c180f60a30d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58dde2d4b9249-FRA
access-control-allow-headers: *, authorization, content-type

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 38CE 147 B
245 B 108ms
108ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

0e49e4bbe049e448aab53f4a915a4691d27714168b9af4aa90e99d0502050d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
server: istio-envoy
requestid: b2b26265b932a0f5
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 351ms
107ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 22 Jun 2022 14:08:07 GMT
requestid: drift5cb48c04502ae5a2422d6724be0
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

GET
H2 200 cl3uihe5800013f6be0ar06eq Show response
capture.navattic.com/api/ Frame 7317 682 KB
418 KB 388ms
387ms Fetch
application/json 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/api/cl3uihe5800013f6be0ar06eq
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 898cea3326f338af38c722f9bfa13bafd8a06edecdba0b685c56f0f07d6285df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:07 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58ddf1fbf9249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 cl3ue3d1m0000396i62rym4k4 Show response
capture.navattic.com/api/ Frame 7317 838 KB
79 KB 290ms
289ms Fetch
application/json 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/api/cl3ue3d1m0000396i62rym4k4
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1371dc86e435c6971dcf464bef172a4da3f47aef510d53dc0cf86817c1975d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de1acb69249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 312ms
312ms Image
image/gif 104.89.35.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=97ab940f5e06321b3849e8cf22100b74&svisitor=5de17b5ca42100004422b36235030000c4870700&session=835653ed-bdeb-4e6a-8842-a6ea4aa62f47&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A08%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A07%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%223030%22%7D&isIframe=false&m=%7B%22description%22%3A%22Multi-channel%20communication%20attacks%20are%20increasingly%20common%20among%20threat%20actors%20%26%20cybercriminals.%20Learn%20how%20these%20attacks%20exploit%20the%20modern%20communication%20ecosystem.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&pageViewId=23ba900c-505b-46b3-8f86-06cc7386d7ec&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.89.35.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-35-64.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 14:08:08 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InNHYmZZUzlDbSJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 327 KB
28 KB 208ms
206ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InNHYmZZUzlDbSJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad98224718eb73ee303965d2fbd0e2406da7451be8acd075c9456be82bae54c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de3a8409249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InB6Y3V2aFpUSiJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 213 KB
34 KB 218ms
216ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InB6Y3V2aFpUSiJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdf89621ab181ee8f8396b1ee334b06e1c03c5a4e93033080a41aa7316f7afa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de3a8429249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InlLMEZld0tPaCJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 8 KB
2 KB 179ms
177ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InlLMEZld0tPaCJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d17c8df9cbf0ad73cdee6224b8b6d98360b815b13e8c96764d853a4060475dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de3a8449249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6Imk2UmVmT3ZrYSJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 6 KB
2 KB 164ms
162ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6Imk2UmVmT3ZrYSJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2ea7cbcb14b3ccca9c52cca352840c6b850623cd086d783268ce7ee7e6e6570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de3a8459249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IkV3Q1FVSmtXZCJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 7 KB
1 KB 160ms
159ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IkV3Q1FVSmtXZCJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2f483c532297846a0b5c391a86dc8c0a487d3c4d449b908865b8bcf4024abc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de3a8479249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IjU5TDB2ekpUMCJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 3 KB
561 B 140ms
138ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IjU5TDB2ekpUMCJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3601dd8e2968e796e5936d1f05ba69b446cc85fca4be0da276ab755ee47bbc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de3a8499249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InFIUWlKV2RTSyJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 172 KB
32 KB 196ms
195ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InFIUWlKV2RTSyJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e84a841e86b9eb8416be31b1b653d266d7a449c1daaacf002c6c9d9fa83a28fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de3a84e9249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InN1UklhcmJmZiJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 42 KB
4 KB 194ms
193ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InN1UklhcmJmZiJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 161a4ec27e6c2b01aea3b499b53525b2af5ae7cd8c1577fc235de1dd26b8bb56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de3a84f9249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6ImdKZEZyMzVYRSJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 54 KB
7 KB 158ms
158ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6ImdKZEZyMzVYRSJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3deca8d21076e06a2ed275557c80143f80ae9b0e4241c4e1cd72de997ccc0589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de3a8529249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IkI0ZThmS0twYSJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 6 KB
1 KB 157ms
156ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IkI0ZThmS0twYSJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b312691fe2550eedbdc371fa4c644fa8a44accd218e43bdd62db28fa382b616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de3a8569249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 cl3ue4gi6000039hqojd4ssir Show response
capture.navattic.com/api/ Frame 7317 698 KB
66 KB 469ms
468ms Fetch
application/json 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/api/cl3ue4gi6000039hqojd4ssir
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a014d6f8d13353bb22c7f70d92eb6e28340e41c00c06395d5cef18e1d382b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de3b8689249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6Im1pRXBGRmZadiJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 29 KB
6 KB 174ms
173ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6Im1pRXBGRmZadiJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad9fda4951f69cc5cc2db0df348b1597d92c71a4e938d4ef220c546fe7b6db3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de6de429249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IkRJSldRdU9hQyJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 6 KB
1 KB 148ms
148ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IkRJSldRdU9hQyJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 010c3c59f4827d3c2f5c8bd0368469b007d5df7c201367b0584defed1d7b4a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de6de449249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6ImxYbURMdEZiNyJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 3 KB
818 B 141ms
141ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6ImxYbURMdEZiNyJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aeb90e67595902f018924825c7911195958c0d76225d4f1ececb602f23530e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de6de509249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6ImFaOW4ydFZ3eCJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 12 KB
3 KB 173ms
173ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6ImFaOW4ydFZ3eCJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb695b1b988887b139911f373ac7ce2e1abdc138cc5835f37ed1419975412f76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de6de529249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IjIzSnJvd0RDUSJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 61 KB
13 KB 153ms
153ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IjIzSnJvd0RDUSJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b14c27ee6069efed57f28b76d777570a2f5dc5fb956a7c3da0dbbcd75e5a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de6de549249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IjlYcHoyaWc4TiJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 218 KB
35 KB 200ms
200ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IjlYcHoyaWc4TiJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc5ab7158d880ec1a4fd1e2d68a3c3865b1e5650f779f82fe9f1cf4edfd0d1e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de6de579249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InZwRzFaZDJBcCJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 5 KB
712 B 135ms
135ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InZwRzFaZDJBcCJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32920150697af460bef48988b8263d0d4cf50dadcfd260e4b0fe1257b3fa7a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de6de5a9249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IjdLaDZXa2ZOUCJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 1 KB
521 B 112ms
112ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IjdLaDZXa2ZOUCJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83d44b8b3b6d4eeb1cfa42eedc651214720eb43b802cb22ca6411adc4dbb5b77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de6ee5e9249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6ImhkOVJTVmNnciJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 5 KB
2 KB 132ms
132ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6ImhkOVJTVmNnciJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93eb7194659d305a4df7b8a6b3b04b4948e68d10cea3fb1b23aeb67509f20f92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de6ee5f9249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6ImFKeWhZa2p1YSJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 2 KB
771 B 133ms
133ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6ImFKeWhZa2p1YSJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8704f0f11f2d913db521cbad48b210fa8d95fd1b79f64bd11636063195d48951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de6ee6c9249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6Im1YVW42eFhHYyJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 6 KB
1 KB 139ms
139ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6Im1YVW42eFhHYyJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143b5a06a8fe9c5466090968dd2ebc59f173bc915948441825474c7a581eeae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de6ee7c9249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InlSTU40RFM1SSJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 18 KB
3 KB 124ms
124ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6InlSTU40RFM1SSJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d808b4b693f1125e421db8eae228e43252ceaad83dc2b720b18e8789c231cc03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de6ee7f9249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 cl3ue5sca000039hpny8z43ib Show response
capture.navattic.com/api/ Frame 7317 592 KB
60 KB 220ms
220ms Fetch
application/json 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/api/cl3ue5sca000039hpny8z43ib
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2fae95a3952bc78d7c1b3183d8e69bd4c6a22e32fd3d9c008548b441176d945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:08 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de6ee819249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H2 200 eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IkVsVEdCb2xhZSJ9 Show response
capture.navattic.com/nv_static/ Frame 7317 3 KB
1 KB 117ms
115ms Fetch
text/css 2606:4700::6812:173c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.navattic.com/nv_static/eyJjb2xsZWN0aW9uSWQiOiJjbDN1ZGFhNjgyNTQxNjA5bWlvam92YTFwdSIsImtleSI6IkVsVEdCb2xhZSJ9
Requested by: Host: js.navattic.com
URL: https://js.navattic.com/navattic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:173c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 499f072374a51535b6687084e97b765f3f8ead8644a9840a0e2f4f66ef839693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://capture.navattic.com/cl3xevv6g2194309mmlti7mycv?g=cl3oi4smb1557309mpa3vwkejy&s=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:09 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 71f58de869679249-FRA
access-control-allow-headers: *, authorization, content-type

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 313ms
312ms Image
image/gif 104.89.35.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=97ab940f5e06321b3849e8cf22100b74&svisitor=5de17b5ca42100004422b36235030000c4870700&session=835653ed-bdeb-4e6a-8842-a6ea4aa62f47&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A09%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A08%20GMT%22%2C%22timeSpent%22%3A%221007%22%2C%22totalTimeSpent%22%3A%224037%22%7D&isIframe=false&m=%7B%22description%22%3A%22Multi-channel%20communication%20attacks%20are%20increasingly%20common%20among%20threat%20actors%20%26%20cybercriminals.%20Learn%20how%20these%20attacks%20exploit%20the%20modern%20communication%20ecosystem.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&pageViewId=23ba900c-505b-46b3-8f86-06cc7386d7ec&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.89.35.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-35-64.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 14:08:09 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 perf Show response
www.safeguardcyber.com/_hcms/ 2 B
452 B 161ms
161ms XHR
text/plain 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safeguardcyber.com/_hcms/perf
Requested by: Host: www.safeguardcyber.com
URL: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

cf-ray: 71f58dea9d7e9b2e-FRA
date: Wed, 22 Jun 2022 14:08:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: aeb54039-90cd-49e6-ad80-605ac6d1fb64
x-trace: 2B9DA31F5B6081E8B680575AC4C6038EC37B4B8F18000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzKL%2FlufFR%2FDCDc%2B8jv5agxu1q%2FF5fVDgusj2Zex%2BuP3G%2F4oB05N9M%2FqAP6k3TdEBf%2Fv2cPArR1EBW98vZ39XSlD5IA9vHafENS0WcjvSalaWquX%2BhR9pl6fc87DTlEqCPefLFjvKhsAlunAOoUT7YP7O%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-credentials: false
x-robots-tag: none
content-length: 2

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 38CE 25 B
112 B 123ms
123ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 22 Jun 2022 14:08:10 GMT
server: istio-envoy
requestid: fb443c59b5a8edbc
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 109ms
109ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 22 Jun 2022 14:08:09 GMT
requestid: drift797825d4c1ebcd009861bbfaf26
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 304ms
304ms Image
image/gif 104.89.35.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=97ab940f5e06321b3849e8cf22100b74&svisitor=5de17b5ca42100004422b36235030000c4870700&session=835653ed-bdeb-4e6a-8842-a6ea4aa62f47&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A10%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A09%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%225040%22%7D&isIframe=false&m=%7B%22description%22%3A%22Multi-channel%20communication%20attacks%20are%20increasingly%20common%20among%20threat%20actors%20%26%20cybercriminals.%20Learn%20how%20these%20attacks%20exploit%20the%20modern%20communication%20ecosystem.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&pageViewId=23ba900c-505b-46b3-8f86-06cc7386d7ec&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.89.35.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-35-64.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 14:08:10 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 s
scout.us2.salesloft.com/ 42 B
356 B 97ms
97ms Image
image/gif 52.202.60.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scout.us2.salesloft.com/s?type=tick&hitId=491451489&rand=8727106&monitorResolution=1600x1200&viewportResolution=1600x1200&pageTitle=Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog&url=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&sessionCount=2&hasWS=true&time=5578&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&sli=14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&guid=d8b9f36f-b3f8-4f7d-a50d-9649f22f7201&tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDI1Mjd9.M0vLhUf0dMmGZrO6fIII5qiCJ5HD5STm13dn6qMaYm0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.202.60.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-60-40.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:08:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 42
x-request-id: 47cd7da2d11b0ec294ca65319772d0bf

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 306ms
305ms Image
image/gif 104.89.35.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=97ab940f5e06321b3849e8cf22100b74&svisitor=5de17b5ca42100004422b36235030000c4870700&session=835653ed-bdeb-4e6a-8842-a6ea4aa62f47&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A11%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A10%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%226044%22%7D&isIframe=false&m=%7B%22description%22%3A%22Multi-channel%20communication%20attacks%20are%20increasingly%20common%20among%20threat%20actors%20%26%20cybercriminals.%20Learn%20how%20these%20attacks%20exploit%20the%20modern%20communication%20ecosystem.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&pageViewId=23ba900c-505b-46b3-8f86-06cc7386d7ec&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.89.35.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-35-64.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 14:08:11 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 316ms
315ms Image
image/gif 104.89.35.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=97ab940f5e06321b3849e8cf22100b74&svisitor=5de17b5ca42100004422b36235030000c4870700&session=835653ed-bdeb-4e6a-8842-a6ea4aa62f47&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A12%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2022%20Jun%202022%2014%3A08%3A11%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%227046%22%7D&isIframe=false&m=%7B%22description%22%3A%22Multi-channel%20communication%20attacks%20are%20increasingly%20common%20among%20threat%20actors%20%26%20cybercriminals.%20Learn%20how%20these%20attacks%20exploit%20the%20modern%20communication%20ecosystem.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Multi-Channel%20Communication%20Attacks%3A%20A%20Demonstration%20%7C%20Blog%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.safeguardcyber.com%2Fblog%2Fsecurity%2Fmulti-channel-communication-attacks-demo%3Fd_utk%3D5dfe6f6f-222e-4a46-ac1c-f627e84280e0%26sbrc%3D14qHHKDkqNoJ7OWQ3pg1iLw%253D%253D%2524ma1Al8vjwFt3-Lk4C2ZpmA%253D%253D&pageViewId=23ba900c-505b-46b3-8f86-06cc7386d7ec&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.89.35.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-35-64.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.safeguardcyber.com/blog/security/multi-channel-communication-attacks-demo?d_utk=5dfe6f6f-222e-4a46-ac1c-f627e84280e0&sbrc=14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 14:08:12 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.safeguardcyber.com/	1969-12-31 23:59:59	Name: __cfruid Value: a600acced6d44766866d73b1902bb3d8d5b1edf5-1655906884
.hubspot.com/	1970-01-20 03:58:28	Name: __cf_bm Value: CEAHQ2prpJWWHtWrWwquC2bC2Dnc9jjlzrn3i6cgMV0-1655906884-0-AZIuWf8AeGduWEUnYPm+HMrxl75QPjEI/qd/Q2t+DHXor4XgpgzptfDFioi4Ac9XmsirPeLejvXpxmb3asM3X0Y=
.safeguardcyber.com/	1970-01-20 06:08:02	Name: _gcl_au Value: 1.1.2128873074.1655906885
.6sc.co/	1970-01-20 21:29:38	Name: 6suuid Value: 5de17b5ca42100004422b36235030000c4870700
www.safeguardcyber.com/	1970-01-20 04:41:38	Name: sli_token Value: 14qHHKDkqNoJ7OWQ3pg1iLw%3D%3D%24ma1Al8vjwFt3-Lk4C2ZpmA%3D%3D
.linkedin.com/	1970-01-20 04:41:38	Name: UserMatchHistory Value: AQLlSFlSrZO8wwAAAYGLvd6T2lNHOJcwb3LqRBlgHBscdDz8gRWy9L5NheGaFcfspk9ItvdwMSSV7Q
.linkedin.com/	1970-01-20 04:41:38	Name: AnalyticsSyncHistory Value: AQJMqLpNkWrnEwAAAYGLvd6ToNdqIfOOGV2CA2mxBaJbuAkJWEKRVIQTajQZxBqKBdEeHVIzzkyhL8bfa2wYHA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:30:20	Name: bcookie Value: "v=2&695b5ebd-164f-4523-8577-893cf6665978"
.linkedin.com/	1970-01-20 03:59:53	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2330:u=1:x=1:i=1655906885:t=1655993285:v=2:sig=AQFfJDHH_Hfo_S2B4i3GrUgj5zt_0XFI"
.safeguardcyber.com/	1970-01-20 21:29:38	Name: _ga Value: GA1.2.255879153.1655906885
.safeguardcyber.com/	1970-01-20 03:59:53	Name: _gid Value: GA1.2.957898460.1655906885
.safeguardcyber.com/	1970-01-20 03:58:26	Name: _gat_UA-59152664-1 Value: 1
www.safeguardcyber.com/	1970-01-20 21:29:38	Name: _gd_svisitor Value: 5de17b5ca42100004422b36235030000c4870700
www.safeguardcyber.com/	1970-01-20 21:29:38	Name: _gd_visitor Value: e561b542-dbf0-4569-880a-571e0eba0a08
www.safeguardcyber.com/	1970-01-20 03:58:41	Name: _gd_session Value: 835653ed-bdeb-4e6a-8842-a6ea4aa62f47
www.safeguardcyber.com/	1970-01-20 04:08:31	Name: _an_uid Value: 0
.safeguardcyber.com/	1970-01-20 21:29:38	Name: _lfa Value: LF1.1.8ffd2a74791907f1.1655906885437
www.safeguardcyber.com/	1970-01-20 04:08:31	Name: slireg Value: https://scout.us2.salesloft.com
.safeguardcyber.com/	1970-01-20 06:08:02	Name: _fbp Value: fb.1.1655906885487.906706241
.t.co/	1970-01-20 21:29:38	Name: muc_ads Value: 19c7a24c-bf7f-4eea-94f3-6e863f8e5a9d
.twitter.com/	1970-01-20 21:29:38	Name: personalization_id Value: "v1_A7Zi/etKfHNQvtVEWe8c6A=="
.doubleclick.net/	1970-01-20 03:58:27	Name: test_cookie Value: CheckForPermission
www.safeguardcyber.com/	1970-01-20 12:44:02	Name: sliguid Value: d8b9f36f-b3f8-4f7d-a50d-9649f22f7201
www.safeguardcyber.com/	1970-01-20 12:44:02	Name: slirequested Value: true
.safeguardcyber.com/	1970-01-20 12:44:02	Name: _hjSessionUser_1932619 Value: eyJpZCI6ImE1NzFkNWNhLWIwZDYtNTJkMy04YmQxLTg2ZGFmNmIzYjY0ZSIsImNyZWF0ZWQiOjE2NTU5MDY4ODU1NDQsImV4aXN0aW5nIjpmYWxzZX0=
.safeguardcyber.com/	1970-01-20 03:58:28	Name: _hjFirstSeen Value: 1
www.safeguardcyber.com/	1970-01-20 03:58:27	Name: _hjIncludedInSessionSample Value: 0
.safeguardcyber.com/	1970-01-20 03:58:28	Name: _hjSession_1932619 Value: eyJpZCI6ImYwMjY2ZjAzLWZiYWYtNGQ1Ni1iM2UwLTNkNDJlNzQ4ZjMwZSIsImNyZWF0ZWQiOjE2NTU5MDY4ODU1NzEsImluU2FtcGxlIjpmYWxzZX0=
www.safeguardcyber.com/	1970-01-20 03:58:27	Name: _hjIncludedInPageviewSample Value: 1
.safeguardcyber.com/	1970-01-20 03:58:28	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:30:20	Name: bscookie Value: "v=1&2022062214080576b35d88-2b8d-4aa4-8e00-fdc8f6e35cadAQFtsSEEDgeg4WVV4KQdeff4kdmWioAQ"
.linkedin.com/	1970-01-20 21:16:52	Name: li_gc Value: MTswOzE2NTU5MDY4ODU7MjswMjEHVyL+9s/nPU0tc1vK6Lnkr8NVnxrCvotGW9VYD6qARw==
www.safeguardcyber.com/	1970-01-20 03:58:28	Name: drift_campaign_refresh Value: 5a13500c-e1bf-48f6-9b73-6c2239fb0c37

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.safeguardcyber.com/hs-fs/hub/3918364/hub_generated/template_assets/43596271684/1654890064170/safeguard/css/ajax-loader.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://app.navattic.com/api/guide/customers Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://app.navattic.com/api/guide/customers/cl4po7e4400013b67mjul18pw/metadata Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14515786.fs1.hubspotusercontent-na1.net
analytics.twitter.com
api.hubspot.com
api.userback.io
app.hubspot.com
app.navattic.com
app.salesloft.com
b.6sc.co
bootstrap.api.drift.com
c.6sc.co
capture.navattic.com
connect.facebook.net
cta-service-cms2.hubspot.com
fast.wistia.com
fonts.googleapis.com
googleads.g.doubleclick.net
in.hotjar.com
ipv6.6sc.co
j.6sc.co
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hsleadflows.net
js.navattic.com
js.usemessages.com
metrics.api.drift.com
no-cache.hubspot.com
perf.hsforms.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
sales.safeguardcyber.com
sc.lfeeder.com
scout-cdn.salesloft.com
scout.salesloft.com
scout.us2.salesloft.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
static.hsappstatic.net
static.userback.io
stats.g.doubleclick.net
syndication.twitter.com
t.co
tr.lfeeder.com
track.hubspot.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.safeguardcyber.com
104.244.42.136
104.244.42.197
104.244.42.67
104.89.35.64
108.157.4.64
13.107.42.14
143.204.89.100
143.204.89.106
143.204.89.34
143.204.89.6
143.204.89.91
172.217.18.2
199.232.136.157
23.111.9.64
2600:9000:2315:9000:1f:f723:6fc0:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:2c40::c73c:671f
2606:4700:4400::6812:21ab
2606:4700:4400::ac40:9ad8
2606:4700::6810:5705
2606:4700::6811:43b0
2606:4700::6811:72b0
2606:4700::6811:7d2
2606:4700::6811:e9cc
2606:4700::6811:eecc
2606:4700::6812:163c
2606:4700::6812:173c
2606:4700::6813:9a53
2620:1ec:22::14
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:829::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c06::9c
2a02:26f0:6c00:294::1c91
2a02:26f0:f7::5c7b:e024
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
2a04:4e42:600::622
3.224.13.60
34.193.113.164
34.197.6.88
34.253.52.76
35.157.119.77
37.252.172.123
50.16.7.188
52.202.60.40
54.85.73.22
76.76.21.61
010c3c59f4827d3c2f5c8bd0368469b007d5df7c201367b0584defed1d7b4a6f
02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5
0349fc77e6ab68a53259d00647270bc5e4271a4c9d3b1066971627275007f2a4
064658b1712e7d525359709b3ce29ebdeb8f1a51d90f2b527415366eaec6acaa
09d1a7a34513ad7261d34fb3a53b5e0ccddf6e760ddade380c0af947a4265490
0a1bcb007ec69345584de638a925b5375af438cdadea7f1e215695b16a8cd4ae
0b14c27ee6069efed57f28b76d777570a2f5dc5fb956a7c3da0dbbcd75e5a4e1
0e49e4bbe049e448aab53f4a915a4691d27714168b9af4aa90e99d0502050d9a
10bbac7e2573245b857cbd8f748dd4c4fdabb0b6aed035e24279adfbf5827b8d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1211a9a77e9e16594929055d1e99009c3e85f4ffbbfd5b0646319087812eea30
1365d4bdc14090157c99cf8491ca4391c87425182f746b89ff13276985ea1399
1371dc86e435c6971dcf464bef172a4da3f47aef510d53dc0cf86817c1975d5e
13b6dd752c284d4fca668b255e8f96a3c522a0f00f2fd9e131bb7c372de7b249
143b5a06a8fe9c5466090968dd2ebc59f173bc915948441825474c7a581eeae1
145fb3d328d872c3dfe331ddfceb910532ad19f205c4593f2560c9e8d1a14c69
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
161a4ec27e6c2b01aea3b499b53525b2af5ae7cd8c1577fc235de1dd26b8bb56
171e0e7411219f4d4e2d623b005563f4f12c5a597f07f8bfded15fa64a86a9b5
17367d8397823e82fac346190d81863e8e24915e163798068d0d7a8fe615463c
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1a59686e4bcb32dd11b466a10fed58b7f1a567f9e7973f05fc0f3fc279a19775
1a8501c81cebbc7ac278fe8366d67477462a72448556e9f3cb22e2a8dacb531b
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
258fd3d541c72fc71d093f71f1adac63902996dab4c7c3b5047b6fafdef07810
25ecbead95bea9d78badcb52b16a272d22b492b8f96585cc3680a06cd4cc37f1
26abbb54760ba5dc4ff33bcd95a4a257178c5ee22d0095cfa0b18ad70e911987
2c2a4f373ddcc4924e8bd6cfcfa2f062f56e5460e8b854c13a7e09887a5f3b97
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
30a014d6f8d13353bb22c7f70d92eb6e28340e41c00c06395d5cef18e1d382b5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32920150697af460bef48988b8263d0d4cf50dadcfd260e4b0fe1257b3fa7a5e
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
391c4c9c63b5194ee228e4f009a1f14bd7dc09f10bf48b91223712bb0af81bc1
3ad9fda4951f69cc5cc2db0df348b1597d92c71a4e938d4ef220c546fe7b6db3
3cf38a199ddf1a29fae427565e500975739238cb06cc4b1406b4ad545caf13cc
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3deca8d21076e06a2ed275557c80143f80ae9b0e4241c4e1cd72de997ccc0589
417b3cafe864819afb67c696d5c88d389eae74c036ba124d3e665b48a3c0b361
436642d6e06c859893cd1e1d7edffa0b23e6f430f05ecee2b2a973c0b6887582
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4454e20b443e2b925f5fbc472f35647ff40589d9b1205196e4838697ebb7eb1b
468c531a6386668a02a51387ee143d27f8879ffebf83d4be7ce79d8598ed6676
46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7
46b48c2cb2ba7e9deae742d0ee002166e145e11961de0bee3a58fb2cf59ec58d
499f072374a51535b6687084e97b765f3f8ead8644a9840a0e2f4f66ef839693
49fbf4f218bb4866ab6daf8f233298eee909f8673f925ab1aee636b7d0b04191
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
504b90e7a694c8746c5b6172edbdcb92932825c37affc87e8f9f7798d1bfbaf1
51441fd93888a80b9ce201ffe124cef25f56ce700d6060528f60d067b952c462
51ea325a7f7b5e8fe4c0864b58e83b421526e47b7120763f8a328657c51bf3f6
520c32a673343326a4aa313d7ffe80e0a0fd3c7f1640a4bac44865e592ab9a7e
5231f1e0b0def788f7f6e7520f05c30603ebe4566b5d37e4d8d1b29dba37c971
527cdadeaef488639617c13b883e497b676608ddd012cb71383d712f53c9ce91
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a
5beb7bd460e9306ae1f1bc43a48860f99c6aa04b086c54c2d9da170e693ca44c
5c09e8bec292a5b43b6a5be55beb50de7bf16c101bf236faa43e49ce70f8c229
5d579cbb4ef3455034ad872955e1d09f9b8790984348f57ebc24f081f8a449d4
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5f842c523b2ac6c6886c6fa734cfad6afd8e786bdab3ea0d882ee7b099c31707
6124da777db23e4e2c169d68f7b2eaed5e1deb23150ad500cbf508e3eec67156
63f9cdaf58f10d84fdda991f8d42fec97819071575bbcb43a1ed324098ec5838
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
653623f60084fd90a4b77c27ef32e61b8c2bd9d79c0a89862fab02050acb45cd
65665bb05b1ad71d6d32de916f9f57f9f246b64b34bda4bb8e8a3a28f5a88f94
6774401309d194234d263e20d3b25357dd8e0080d357ba297064b94490e64151
67e83360c1899059ca090a581bff375f4061dbfb87373cb97cfcd7f9171a480e
6a1a4ca5f7f38b6e0c748830af96eb70a348222029ac9536d27eee12df1bdaee
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bbb6ab7ff4d0e730cc3df3d0e406aa028a3b685e1ac1114775b5193a12b1740
6c2b73c0ad0ace33f69a9ded36d32edbca560be0bb8b3c83c9c9a1399b56bed1
6c35b9b57f9166badd7543f4c2fc89ca9034b44c52fd873bee466879d20a0c2f
6c915981d02126dd2411cee65149bdb68f092299f9c1633be286847e6d72aaf9
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
6ce7aabca5d7316846e7053b6f1eed44ef381f9c738cc1d8c36609279ab3d7b2
72ad128c1e61ba6f7511a20ac0feaa23dc240a35b3bef6928e6d7841c0f5fd6f
72d52dcf32b1f0357fdb9688cb7d59dd429ed01f5bf3098825191ba7e244927c
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
776356f19d223c056221477df59c8d0d05bb34eeda044895efb3a33b7499737b
78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d
7b312691fe2550eedbdc371fa4c644fa8a44accd218e43bdd62db28fa382b616
7bcce44ec2d943fe9d61522360b1672f3f933a0b2b2fb8290ddab6b8bc6fa518
7ce39788e0d5748b7aae96377e74954f63bad1a7468b3db5505bf0937b85e288
7e080a739324f3e06761179545d8711f8190467ac41de4a9e726121725c8f506
7e44d592889d9f5915ae6254f0a68a71196a5bc2540db9620b81effd976eba5b
7ebe6cf0e76708be4faee0ff4b23f035d831e43512f6b6543b05158a97060d4b
7f77149b1beed108b3d3ad88b9170a8a27e1c6eedb0ed30c698492b4586372d3
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
813ebf9c45665dffb61e9e34f50fc7734baf7d0f90d17b156bcf85aba779531c
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
822f723254abf8d5ab6e1be14df67301e03d85e16d3ceb068ba97720eb237c1a
823d8549a4f721389b1f6745933ea74706228a932cc737c9c0f7e9d1a87b73ba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d44b8b3b6d4eeb1cfa42eedc651214720eb43b802cb22ca6411adc4dbb5b77
84c88eaa933409a59468a3b88a0b3712e91fd8a45d8d93628961b93e13f4449b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8704f0f11f2d913db521cbad48b210fa8d95fd1b79f64bd11636063195d48951
8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d
88d623d347bc1d092c1d546f62ac989acddceb46ca869c4b48adb62e229daee5
8964852343fcce8ce76f4044a5246529fc803f925d2442d0604fc9cfed018e0d
898cea3326f338af38c722f9bfa13bafd8a06edecdba0b685c56f0f07d6285df
8a3390a950d27f3ff294c2fe15b1e54d1ddb5f4631d777dd8dd4d8447e381e9a
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8d17c8df9cbf0ad73cdee6224b8b6d98360b815b13e8c96764d853a4060475dc
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
93eb7194659d305a4df7b8a6b3b04b4948e68d10cea3fb1b23aeb67509f20f92
95071237376cf303c5753fcc2f7118f5a286fb147a0a6d676608b1a435a64885
9aeb90e67595902f018924825c7911195958c0d76225d4f1ececb602f23530e4
9b06e4f9701667cbfb2c27b4955dfb26ad87cf2d410df01289c744f17a1a0257
9b163c4c04736449f60c7094be0198e89aa4694e7d1e02ad2f9180719c4244be
9dce6e7313e88786783ba4310d9dd266491a16a7a9502217ecee5e336008409d
9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0
9e62cc33746f6c6c2840f3939fe9cb29787b35e3d66f3d04f700f8459eaffa75
9e7b3c3c49c4f1afb12133a3bcb9e5fc541ce46e6bcfe0d536f3791915aeeffe
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2ea7cbcb14b3ccca9c52cca352840c6b850623cd086d783268ce7ee7e6e6570
a4e00320cfc724fde175314d7d9970ced29cc4967ec09288cc6291716e13209c
a823d5612cd8d49b316c3c189f120312a495ff61e921b19e79319238fa0742d7
aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
ab86529a9f83ae1145d4b8ce77a11c2c6a514c3cb0652c33bd30c5dd1d8aa78b
ab8b6028677858ecc46f2ed2a009b1ac1a7b2d915066a5386bcf96eb86a38af6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad98224718eb73ee303965d2fbd0e2406da7451be8acd075c9456be82bae54c9
adb4bcacbe3939b748fcb3cde12bcce48a6572ce03e0c808c220542f92587bc1
ae29de83c0fd25dc8219094b08dea9412c4ad792c019409976baa57f659edff2
af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0
b1399560fa4c141073da75ef91036c00dd614b384506fc3485fa7d4e39524696
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ef595389bccb3b4aaae5faf14ebb552bd6c47f567677c4e2089a79b6b0333c
b247d7b224b52700794b571a2093e2d12158c5fa14711d60538444016642493d
b339bdb07ea2df0f40629052bdeda41410aaf541dff56f46239cdea5d59b47e5
b565332fa03a1b4f9853bcb8f5cd7cbc61db6e9b2cb12ad265f26cb8f77125d5
b6ecaea6b49598fc5c1b3fe87a90cbfdefef893d120ce206ef3deff3f9211261
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b8eef39219651c2e824894e8f8d35742e86021c1a556136fb6ffc5e1169bccbd
b91df6642e094335a86d1ec981f362294b3635a6f5b53e89d044fb6957f8fb50
bb4b73905e245e08fe5127ecffd96633c641e4b5b71e2c9053bc05627ae304ce
bc5ab7158d880ec1a4fd1e2d68a3c3865b1e5650f779f82fe9f1cf4edfd0d1e0
bcc5d5ad85e0e60fa539bebbc329da01cd7557505b8eda870f29141c3f2ab6a5
c1662e21a407a7a54ce2335d143b91c78fb02a674d3113e0424ef6757e61cdd2
c1b1fa0d1bd18fded151783314b2ff0e0e331d0b834a802b556de1188b0190c5
c294b7dfb9e7478fb1a1a4f883285fd2ad9d87fa70daf35602314adf3659a1ac
c2f483c532297846a0b5c391a86dc8c0a487d3c4d449b908865b8bcf4024abc7
c3601dd8e2968e796e5936d1f05ba69b446cc85fca4be0da276ab755ee47bbc7
c4960edde631318c4df29ed9130f9523f00ecce1e6f38e90099c3fe8d8c69343
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c6670ba74f4332547bf31bf9937a31573a81a16e7f1ccc10b8d7c86ff5ce6e2f
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c6ea87195b2de2348656ce84e55f93c8cb6b6f82d922b80c5c7e86a933ae34d2
c6f033f31efd6a9084c44e6dc18b7a9675a5cda2a5c9aa39b9378cf39bbd9037
c7be64a729899c601c28a074bca4113d1ac09d84eab6e77c6ff5071f5fa3eaf3
c8b7f279a0d4d893b4b8ebd5d1081e28ea309ff76643d5a6817d87ea12664b0c
cbd1fd9e5454ee302f349f7a91241a8e37f4daf59dfbbfb26d8c76d4ec49fac9
cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de
ccebb547f73db441e2228d1363e3ffed3aad41704c11c95052ea53999c2097b3
d1c50e6a3a0bf0c4646842c917dd24466970011960d0ad95a24b1c180f60a30d
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
d2fae95a3952bc78d7c1b3183d8e69bd4c6a22e32fd3d9c008548b441176d945
d40e5944606d67b7ef70261aa7c29ba451cacd8e33c468f5aabfa7024c70f42f
d808b4b693f1125e421db8eae228e43252ceaad83dc2b720b18e8789c231cc03
da28ec22af37d5c341ebf4f5797ccad43bb9ac59ed95432f9561bec882aceeda
dab25691c4b0defa1e1a2463788727826ae3c1ecc8d803a907a866aa423d21e3
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc36dd659141995849f00b3e7f855fb2c9d710ddf7faafa0559e61894270a2dc
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd03eda5317d9d62243195e41b4b52d55640561480d2682fcf6daf9b90987434
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e4856e499bd2475985f743eca30f14d130060708ba01b48cece5803bb76d365b
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
e5fef09d35d8f0d5490b3c28723e0f1f01d59569f345a985402d387ead2367e8
e6bf2010a4fb62b2cb19950e627af8234276151995216a2ad24e70278e4b762b
e84a841e86b9eb8416be31b1b653d266d7a449c1daaacf002c6c9d9fa83a28fc
e9ed5aa50fca23b4af006c795f812bcd4bd213f759777c7810f4a65be907d8b1
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f1cc5c992c4d89446fa6a50db3159fb8afa92541cc44b03ef50eae4123f3bb21
f262ae2d53bcc3ee8e8f7e1fa7e40eae06ea3a8b9efa54dc16775ff5960cb366
f495e5937d0495eefc0951070a96dc7b10d4d96d7f436afc994f17dbd54cc58b
f743de19b126b3a5a5cf3878c5a3bc8f0b663fb165463f60b32cca819d2b23f3
f8b8c8146d6359d62410c5da0c4573717f95f8a2e79fcdf1c3ab242a70d10488
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fb695b1b988887b139911f373ac7ce2e1abdc138cc5835f37ed1419975412f76
fcac106ac55e8491fa8c466f0e1955060d3e724159264b3f28c4abaf4f8bcba7
fdf89621ab181ee8f8396b1ee334b06e1c03c5a4e93033080a41aa7316f7afa9
ff049ea3e6d3eea94c61fc75b0bbd39a7e6414079df50c6e671df2e56265ae62
ff7e8153b8f54924dd82b47d0983c46241e07079822cf93e349b9b29f5d34c19

www.safeguardcyber.com Open in urlscan Pro 2606:2c40::c73c:671f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

260 Requests

100 %HTTPS

53 %IPv6

34 Domains

59 Subdomains

49 IPs

5 Countries

4603 kBTransfer

15576 kBSize

35 Cookies

5 Outgoing links

Page URL History

Redirected requests

260 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.safeguardcyber.com Open in urlscan Pro
2606:2c40::c73c:671f Public Scan

Screenshot
Live screenshot

Full Image

260
Requests

100 %
HTTPS

53 %
IPv6

34
Domains

59
Subdomains

49
IPs

5
Countries

4603 kB
Transfer

15576 kB
Size

35
Cookies

260 HTTP transactions
4 data transactions